3943 matches found
Adobe Releases Security Bulletin for Flash Player
Adobe has released a security bulletin for Adobe Flash Player to address multiple vulnerabilities. These vulnerabilities affect Adobe Flash Player 11.4.402.278 and earlier versions for Windows, Adobe Flash Player 11.4.402.265 and earlier versions for Macintosh, Adobe Flash Player 11.2.202.238 and...
Microsoft Releases October Security Bulletin
Microsoft has released updates to address vulnerabilities in Microsoft Windows, SQL Server, Server Software, Office, and Lync as part of the Microsoft Security Bulletin summary for October 2012. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service...
Adobe Releases Security Bulletin About Code Signing Certificate
Adobe has released a security bulletin to address an issue with a current Adobe code signing certificate. The certificate to be revoked has been used to sign malicious code. The certificate will be revoked on October 4, 2012 for all software code signed after July 10, 2012. Adobe is issuing a new...
Increased Exploitation in Web Content Management Systems
US-CERT is aware of recent increases in the exploitation of known vulnerabilities in web content management systems (CMSs) such as WordPress and Joomla. Compromised CMS installations can be used to host malicious content. US-CERT recommends that users and administrators ensure that their CMS...
Microsoft Releases Security Advisory for Internet Explorer
Microsoft has released Security Advisory 2757760 to address a vulnerability in Microsoft Internet Explorer 6, 7, 8, and 9. This vulnerability may allow an attacker to execute arbitrary code if a user accesses specially crafted HTML documents, e.g., a web page or an HTML email message or attachmen...
Microsoft Releases September Security Bulletin
Microsoft has released updates to address vulnerabilities in Microsoft Development Tools and Server Software as part of the Microsoft Security Bulletin summary for September 2012. These vulnerabilities may allow an attacker to operate with elevated privileges. US-CERT encourages users and...
Most Smartphone Users Consider Privacy When Vetting Apps
Cellphone owners now account for 88 percent of the U.S. population, of which some 43 percent say they download applications on their phones. Among these ‘app users,’ 57 percent told the Pew Internet and American Life Project that they have either uninstalled existing applications or made the...
Facebook Timeline Eraser Chrome Plugins Dupe Tens of Thousands of Users
Nearly 100,000 Facebook users have been duped into installing third-party Chrome plugins over the past few weeks that have access to all of their data on every Web site they visit. According to research recently conducted by security firm Barracuda Networks, the unsuspecting users were tricked in...
Survey Tracks Security's 'Bad Mood' Trend, Need for Improvement
The bulk of security teams face a relentless uphill battle when it comes to dealing with security risks and are sorely lacking when it comes to tracking, measuring and maintaining data access, according to new research. The majority of those interviewed in a survey published today, “The Buried...
US-CERT Releases Oracle Java JRE 1.7 Security Advisory
US-CERT has released Vulnerability Note VU636312 to address a vulnerability in Oracle Java Runtime Environment (JRE) 1.7. This vulnerability may allow an attacker to execute arbitrary code on a vulnerable system. US-CERT encourages users and administrators to review Vulnerability Note VU636312. Thi...
Microsoft Releases August Security Bulletin
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Office, SQL Server, Server Software, Developer Tools, and Exchange Server as part of the Microsoft Security Bulletin summary for August 2012. These vulnerabilities may allow an attacker to execute...
Pinterest Temporarily Locking Down Compromised Accounts
The popular social sharing site Pinterest is addressing an uptick in suspected hacks by temporarily locking down suspicious accounts and forcing those users to create more unique passwords. The lockouts follow a couple of weeks of notices that include an 11-question survey to help the company...
Maian Survey - index.php URI redirection Local File Inclusion
source: https://www.securityfocus.com/bid/54613/info Maian Survey is prone to a URI-redirection vulnerability and a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit...
Maian Survey - '/index.php' URI redirection / Local File Inclusion
source: https://www.securityfocus.com/bid/54613/info Maian Survey is prone to a URI-redirection vulnerability and a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to execute arbitrary local files within...
Users Remain Mostly Oblivious to Spear Phishing
A new survey shows that 50 percent of employees think that their company has been the victim of a targeted attack. Security firm Proofpoint found in its survey that these targeted attacks continue to be a nuisance, affecting both small and large organizations. A similar number, 56 percent of...
Maian Survey 1.1 Local File Inclusion / Open Redirection
Author: PuN!Sh3r. Vulnerable Software: Maian Survey v 1.1. Official Site: http://www.maianscriptworld.co.uk/. Vuln Desc: 1. Local File Inclusion: Vuln...
Oracle Releases Critical Patch Update for July 2012
Oracle has released its Critical Patch Update for July 2012 to address 87 vulnerabilities across multiple products. This update contains the following security fixes: 4 for Oracle Database Server, 1 for Oracle Application Express Listener, 2 for Oracle Secure Backup, 22 for Oracle Fusion Middleware ...
Mobile App Leaves Blackboard Courseware Open To Remote Attack
Vulnerability Lab researchers discovered remotely exploitable cross-site scripting vulnerabilities in Blackboard Mobile Learn v9. The education platform’s mobile application is reportedly vulnerable to a number of persistent input validation vulnerabilities that could give remote attackers the...
Microsoft Releases July Security Bulletin
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Office, Developer Tools, and Server Software as part of the Microsoft Security Bulletin summary for July 2012. These vulnerabilities may allow an attacker to execute arbitrary code, operate with...
Google Releases Google Chrome 20.0.1132.43
Google has released Google Chrome 20.0.1132.43 for Linux, Mac, Windows, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review the...