[SECURITY] Fedora 14 Update: mozvoikko-1.0-23.fc14.1

This is mozvoikko, an extension for Mozilla programs for using the Finnish spell-checker Voikko...

Report: Q2 Threat Evolution, the Year of the Hacktivist?

Scareware and Rogue AV are back with a vengeance in 2011, after receding in 2010 according to Kaspersky Lab’s latest threat evolution report. According to the report, the rogue AV resurgence is significant not only in scope, which was substantial, with the Kaspersky Security Network KSN detecting...

Code injection

The Play method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 6.11.0609.2 allows remote attackers to execute arbitrary programs via a UNC share pathname in the MPlayerPath parameter...

CVE-2011-2590

CVE-2011-2590 affects UUSee UUPlayer ActiveX Control 6.0.0.1 (UUSee 2010 6.11.0609.2). The Play() method allows remote code execution by passing a UNC path in the MPlayerPath parameter, enabling application-context execution. OpenVAS entries also describe multiple remote code execution vulnerabil...

Authentication flaw

TCPUploadServer.exe in Progea Movicon 11.2 before Build 1084 does not require authentication for critical functions, which allows remote attackers to obtain sensitive information, delete files, execute arbitrary programs, or cause a denial of service crash via a crafted packet to TCP port 10651...

EMC Foots $66 Million Bill For RSA Attack

EMC Corporation announced via an earnings call Tuesday that it spent $66 million during the second quarter on its security firm division RSA to recover from a cyberattack that compromised their SecurID product in March, according to a post on the Washington Post’s Post Tech blog. The money went...

Smiasm - Reverse engineering framework

Smiasm - Reverse engineering framework What is Miasm? Miasm is a a free and open source GPLv2 reverse engineering framework. Miasm aims at analyzing/modifying/generating binary programs. Here is a non exhausting list of features: opening/modifying/generating PE/ELF 32/64 le/be using Elfesteem...

Google Search Now Displaying Warning About Malware Infections

Google is taking the unusual step of displaying a message at the top of its search results pages for some users, alerting them to the fact that their computers may be infected with malware. The action is the result of an investigation in which the search giant discovered that some malware-infecte...

More Allegations Link Murdoch's Media Empire to "Ethical Hackers"

ED: More Allegations Link Murdoch’s Media Empire to “Ethical Hackers” DEK: New reports add weight to accusations that Rupert Murdoch’s News of the World may have used professional hackers and malicious programs to obtain information that was then used in news reports. The ‘drip drip drip’ of...

[SECURITY] Fedora 14 Update: mozvoikko-1.0-22.fc14.1

This is mozvoikko, an extension for Mozilla programs for using the Finnish spell-checker Voikko...

CVE-2011-2600

The GPU support functionality in Windows XP does not properly restrict rendering time, which allows remote attackers to cause a denial of service system crash via vectors involving WebGL and 1 shader programs or 2 complex 3D geometry, as demonstrated by using Mozilla Firefox or Google Chrome to...

Code injection

The GPU support functionality in Mac OS X does not properly restrict rendering time, which allows remote attackers to cause a denial of service desktop hang via vectors involving WebGL and 1 shader programs or 2 complex 3D geometry, as demonstrated by using Mozilla Firefox or Google Chrome to vis...

CVE-2011-2601

The GPU support functionality in Mac OS X does not properly restrict rendering time, which allows remote attackers to cause a denial of service desktop hang via vectors involving WebGL and 1 shader programs or 2 complex 3D geometry, as demonstrated by using Mozilla Firefox or Google Chrome to vis...

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7568)

This kernel update for the SUSE Linux Enterprise 10 SP3 kernel fixes several security issues and bugs. The following security issues were fixed : - Multiple integer overflows in the nextpidmap function in kernel/pid.c in the Linux kernel allowed local users to cause a denial of service system cra...

[SECURITY] Fedora 15 Update: mozvoikko-1.9.0-5.fc15

This is mozvoikko, an extension for Mozilla programs for using the Finnish spell-checker Voikko...

Easewe FTP OCX ActiveX Control 4.5.0.9 - 'EaseWeFtp.ocx' Multiple Insecure Method Vulnerabilities

source: https://www.securityfocus.com/bid/48393/info Easewe FTP OCX ActiveX control is prone to multiple insecure-method vulnerabilities. Attackers can exploit these issues to perform unauthorized actions or execute arbitrary programs. Successful exploits may result in compromise of affected...

Easewe FTP OCX ActiveX Control 4.5.0.9 - EaseWeFtp.ocx Multiple Insecure Method Vulnerabilities

Easewe FTP OCX ActiveX Control 4.5.0.9 - EaseWeFtp.ocx Multiple Insecure Method Vulnerabilities source: https://www.securityfocus.com/bid/48393/info Easewe FTP OCX ActiveX control is prone to multiple insecure-method vulnerabilities. Attackers can exploit these issues to perform unauthorized...

Microsoft Office Excel Scenario Record Buffer Overflow (MS11-045; CVE-2011-1275)

Microsoft Excel is a popular spreadsheet application. This is a remote code execution vulnerability. When Microsoft Excel validates record information upon opening a specially crafted Excel file, a memory handling error may corrupt system memory in such a way that an attacker could execute...

Microsoft Excel Series Integer Underflow (MS11-045; CVE-2011-1278)

Microsoft Excel is a popular spreadsheet application. A vulnerability has been identified in Microsoft Excel. When Microsoft Excel validates record information upon opening a specially crafted Excel file, a memory handling error may corrupt system memory in such a way that an attacker could execu...

A Rocky Road Ahead for Apple On Security

Computer security experts have been forecasting the arrival of malicious programs that target Apple’s products for so long that they had begun to sound like the kind of Rapturistas and Mayan Calendar sleuths that we all smartly ignore. But if May didn’t bring Harold Camping’s Judgement Day, as...