3944 matches found
Adobe Releases Security Update for Flash Media Server
Adobe has released Flash Media Server 4.0.1, 3.5.5, and 3.0.7 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review Adobe security bulletin APSB10-27 and apply appropriate updates to help...
Microsoft Releases November Security Bulletin
Microsoft has released updates to address vulnerabilities in Microsoft Office and Forefront United Access Gateway as part of the Microsoft Security Bulletin Summary for November 2010. These vulnerabilities may allow an attacker to execute arbitrary code or operate with elevated privileges. US-CER...
WordPress WP Survey And Quiz Tool Plugin 1.2.1 - Cross-Site Scripting Vulnerability
This WP Survey And Quiz Tool plugin is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal cookie-based...
Cisco Releases Vulnerability Alert for Intelligent Contact Manager
Cisco has released a vulnerability alert to inform users of a vulnerability affecting the Intelligent Contact Manager Setup Manager. This vulnerability may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the vulnerability alert and consider...
WordPress Plugin WP Survey And Quiz Tool 1.2.1 - Cross-Site Scripting
WordPress Plugin WP Survey And Quiz Tool 1.2.1 - Cross-Site Scripting source: https://www.securityfocus.com/bid/44707/info WP Survey And Quiz Tool for Wordpress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage thi...
WordPress Plugin WP Survey And Quiz Tool 1.2.1 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/44707/info WP Survey And Quiz Tool for Wordpress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Adobe Releases Security Update for Flash Player
Adobe has released Flash Player 10.1.102.64 for Windows, Macintosh, Linux, and Solaris to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or bypass cross-domain policy file restrictions. The Adobe securi...
Google Releases Chrome 7.0.517.44
Google has released Chrome 7.0.517.41 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates...
Microsoft Releases Security Advisory for Internet Explorer
Microsoft has released Microsoft security advisory 2458511 to alert users of a vulnerability affecting all supported versions of Internet Explorer. This vulnerability may allow an attacker to execute arbitrary code. Update: Microsoft has released two Fix it tools in Microsoft Support article...
Removable Media Security Practices
US-CERT is aware of recent reports indicating that some newly purchased removable media devices are infected with malicious code. This malicious code is a worm that attempts to propagate itself via multiple methods. If a Windows user connects an affected removable media device to a system that ha...
Adobe Releases Security Update for Shockwave Player
Adobe has released a security update for Shockwave Player to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review Adobe security bulletin APSB10-25 and apply any necessary updates to help...
Adobe Releases Security Bulletin for Flash Player, Reader, and Acrobat
Adobe has released a security advisory to alert users of a vulnerability affecting the following applications: Adobe Flash Player 10.1.85.3 and earlier for Windows, Macintosh, Linux, and Solaris Adobe Flash Player 10.1.95.2 and earlier for Android Adobe Reader 9.4 and earlier 9.x versions for...
Firefox 3.5 and 3.6 Vulnerability
Mozilla has released a blog entry indicating that it is aware of a critical vulnerability affecting Firefox 3.5 and Firefox 3.6. This vulnerability may allow an attacker to execute arbitrary code. The blog entry indicates that active exploitation of this vulnerability has been detected. Update: T...
Cisco Releases Security Advisory for CiscoWorks Common Services
Cisco has released a security advisory to address a vulnerability affecting CiscoWorks Common Services for Oracle Solaris and Microsoft Windows. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code with administrative privileges or cause a denial-of-service...
Fraud Advisory for Businesses Released: Corporate Account Take Over
As part of a joint effort, the United States Secret Service, the Federal Bureau of Investigation, the Internet Crime Complaint Center IC3 and the Financial Services Information Sharing and Analysis Center FS-ISAC have released Fraud Advisory for Businesses: Corporate Account Take Over PDF. The...
Report: Phishing Activity is Down (And That's A Bad Thing)
The number of phishing attacks declined in the first half of 2010, but a report from the Anti Phishing Working Group warns that might not be such a good thing. The group released its Global Phishing Survey on Monday covering the first six months of 2010. Overall, the survey reported a steep decli...
Apple Releases Java for Mac OS X 10.5 Update 8 and Java for Mac OS X 10.6 Update 3
Apple has released Java for Mac OS X 10.5 update 8 and Java for Mac OS X 10.6 update 3 to address multiple vulnerabilities affecting the Java package. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages...
Google Releases Chrome 7.0.517.41
Google has released Chrome 7.0.517.41 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, conduct URL spoofing, or bypass security restrictions. US-CERT encourages users and...
Survey: Information Theft A Bigger Problem than Physical Theft
Anyone who has received “notification” of funky activity on their credit card, or an urgent e-mail plea from the widow of Mobutu Sese Seko won’t be surprised to learn that information theft is a big problem. But a new survey out from Kroll Consulting finds that its also the biggest problem facing...
RIM Releases Security Advisory for BlackBerry Enterprise Server
RIM has released a security advisory to address a vulnerability in the PDF distiller of the BlackBerry attachment service for the BlackBerry Enterprise Server. This vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and...