Oracle Linux 5 / 6 : thunderbird (ELSA-2012-1362)

The remote Oracle Linux 5 / 6 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2012-1362 advisory. 10.0.8-2.0.1.el63 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball 10.0.8-2 - Added...

Oberthur smart cards generate weak certificates

Overview A flaw has been identified in Oberthur ID-One COSMO 64, v5.2 and v5.2a smart cards, which results in public keys that do not satisfy the requirements of the Digital Signature Standard as specified in FIPS PUB 186-3 and its predecessors. Description Oberthur ID-One COSMO 64, v5.2 and v5.2...

RSA Says Lockheed Attack Not a New Threat to SecurID, But Will Replace Users' Tokens

In the wake of a string of attacks against high-profile users of RSA Security’s SecurID tokens including Lockheed Martin, the company has posted an open letter to its customers, trying to reassure them that the tokens are secure and that the attacks don’t represent a new threat to these businesse...

iTunes < 4.7.1

The remote host is running a version of iTunes which is older than version 4.7.1. The remote version of this software is vulnerable to a buffer overflow when it parses a malformed playlist file .m3u or .pls files. A remote attacker could exploit this by tricking a user into opening a maliciously...