Adobe Releases Security Updates for Reader and Acrobat

Adobe has released updates for Adobe Reader and Acrobat for Windows and Macintosh. These updates address a vulnerability in the authplay.dll component. Exploitation of this vulnerability may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review Adobe...

Adobe Releases Flash Player Update

Adobe has released an update for Flash Player to address multiple vulnerabilities. These vulnerabilities affect Adobe Flash Player 10.1.102.64 and earlier versions for Windows, Macintosh, Linux, and Solaris, and Adobe Flash Player 10.1.106.16 and earlier versions for Android. Exploitation of thes...

Google Releases Chrome 10.0.648.133

Google has released Chrome 10.0.648.133 for Windows, Mac, Linux, and Chrome Frame. This update addresses a vulnerability that may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary update...

Apple Releases Safari 5.0.4

Apple has released Safari 5.0.4 to address multiple vulnerabilities in the ImageIO, libxml, and WebKit packages. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, or conduct cross-site scripting attacks. US-CE...

Google Releases Chrome 10.0.648.127

Google has released Chrome 10.0.648.127 for all platforms to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or bypass security restrictions. US-CERT encourages users and administrators t...

Microsoft Releases March Security Bulletin

Microsoft has released updates to address vulnerabilities in Microsoft Windows and Office as part of the Microsoft Security Bulletin Summary for March 2011. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the bulletin an...

Google Releases Chrome 9.0.597.107

Google has released Chrome 9.0.597.107 for all platforms to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review the Google Chrome...

Oracle Releases Security Alert for Java Runtime Environment

Oracle has released a security alert to address a vulnerability in the Java Runtime Environment component of the Oracle Java SE and Java for Business products. Exploitation of this vulnerability may allow an attacker to cause a denial-of-service condition. US-CERT encourages users and...

RealNetworks, Inc. Releases Security Updates for RealPlayer

RealNetworks, Inc. has released security updates to address a vulnerability affecting Windows RealPlayer 14.0.1 and earlier versions and RealPlayer Enterprise 2.1.4 and earlier versions. Exploitation of this vulnerability may allow an attacker to execute arbitrary code in the context of the...

Microsoft Releases February Security Bulletin

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, and Office as part of the Microsoft Security Bulletin Summary for February 2011. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain...

Google Releases Chrome 9.0.597.84

Google has released Chrome 9.0.597.84 for all platforms to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry an...

Rain Joe(YuQa)Network Information feedback system YuQaIFS V1. 0 vulnerability 0day and fix-vulnerability warning-the black bar safety net

Publishing author: f4tb0y Affected versions: YuQaIFS V1. 0 Vulnerability type: design flaw Vulnerability Description: a vulnerability in the file is YuQaIFSSave. the asp directly to the submitted data is written to the database, without any filtering. 主页 面 www.xxx.com/xx/index.asp（xx for this...

Cisco Releases Security Advisory for Multiple Cisco WebEx Player Vulnerabilities

Cisco has released a security advisory to address multiple vulnerabilities in WebEx Recording Format WRF and Advanced Recording Format ARF Players. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review Cisco security advisory...

RealNetworks, Inc. Releases Update for RealPlayer

RealNetworks, Inc. has released an update for Windows RealPlayer 14.0.1 and prior to address a vulnerability. Exploitation of this vulnerability may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the RealNetworks, Inc. security advisory and appl...

Microsoft Releases Security Advisory 2501696

Microsoft has released Microsoft security advisory 2501696 indicating that it is investigating public reports of a vulnerability affecting Windows. This vulnerability is due to the way MHTML interprets MIME-formatted requests for content blocks within a document. Exploitation of this vulnerabilit...

XSS и IAA уязвимости в PHP-Nuke

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting та Insufficient Anti-automation уязвимостях в PHP-Nuke. XSS WASC-08: POST запрос на странице http://site/modules.php?name=Search " style="-moz-binding:url'http://websecurity.com.ua/webtools/xss.xmlxss' В поле поиска. Это верси...

Fuzzing tool discovers over 100 vulnerabilities in popular browsers !

The public release of crossfuzz - a cross-document DOM binding fuzzer that is able to detect vulnerabilities in all browsers by examining how they interact with various elements while they render web pages - by the Google-employed security researcher Michal Zalewski has unveiled some worrying...

Apple Releases Mac OS X v10.6.6

Apple has released Mac OS X v10.6.6 to address a vulnerability affecting PackageKit. Exploitation of this vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review Apple article HT4498 and apply any...

Microsoft Releases Security Advisory

Microsoft has released security advisory 2490606 to alert users of a vulnerability affecting the Windows Graphics Rendering Engine. Exploitation of this vulnerability may allow an attacker to install programs; view, change, or delete data; or create new accounts with full user rights. US-CERT...

RIM Releases Security Advisory for BlackBerry Enterprise Server

RIM has released a security advisory to address a vulnerability in the PDF distiller of the BlackBerry attachment service for the BlackBerry Enterprise Server. The vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and...