788 matches found
[SECURITY] Fedora 12 Update: gif2png-2.5.1-1202.fc12
The gif2png program converts files from the obsolescent Graphic Interchange Format to Portable Network Graphics. The conversion preserves all graphic information, including transparency, perfectly. The gif2png program can even recover data from corrupted GIFs. There exists a 'web2png' program in ...
Google Overhauls Privacy Policy
Google is planning to overhaul its main privacy policy in an effort to make the document more readable and usable for normal people. In addition, Google also is eliminating privacy policies for some of its individual products and services, which it deemed redundant. The shift by Google is a prett...
Vulnerability Broker Draws Line in Disclosure Sand
Looking to put pressure on software vendors who procrastinate on fixing security flaws, the world’s biggest broker of vulnerability data is drawing a line in the sand. Starting August 4, TippingPoint’s Zero Day Initiative ZDI will enforce a six-month deadline for patches on all vulnerabilities...
Google Cloud Print: Thinking Through the Security, Privacy Implications
Google’s plans to introduce a Cloud Print service that’s already being hailed as “printer voodoo” because it lets users print to any printer anywhere in the world, even from mobile phones. However, there are some privacy and security implications that need to be fleshed out before end users rush ...
Mozilla Warns of Unknown Root Certificate Authority in Firefox
In a startling revelation, the open-source Mozilla project says that its flagship Firefox browser contains a root certificate authority that doesn’t seem to have a known owner. It’s quite possible that this could be a legitimate root certificate that changed hands during a merger or some other...
[SECURITY] Fedora 11 Update: gif2png-2.5.1-1102.fc11
The gif2png program converts files from the obsolescent Graphic Interchange Format to Portable Network Graphics. The conversion preserves all graphic information, including transparency, perfectly. The gif2png program can even recover data from corrupted GIFs. There exists a 'web2png' program in ...
Some Advice for Howard Schmidt
It’s been little more than 24 hours since President Obama named Howard Schmidt his White House Cybersecurity Coordinator, but it didn’t take nearly that long for just about everyone with any interest in security to line up on one side or the other of the “he has no chance/he’ll save the Internet”...
Batch Picture Watemark 1.0 (.jpg File) Local Crash PoC
Exploit for unknown platform in category dos / poc ====================================================== Batch Picture Watemark 1.0 .jpg File Local Crash PoC ====================================================== Anti-Security Research Team & Security Institute + Bug : Batch Picture Watemark v1....
Major software makers fail security transparency test
From SDTimes David Worthington A majority of the industry’s leading software makers surveyed by SD Times lack transparency about the internal principles that they use for writing secure software. Analysts believe that those companies are either practicing security by obscurity, do not adequately...
MDVA-2008:067 : ksplash-engine-moodin
ksplash-engine-moodin has some background caching routines for simulating the transparency and the fade-in effect of the loading steps. When the session loading happens too fast, the first steps don't have enough time to finish the caching before the later steps start to happen, showing some imag...
Google tackles cloud security
Google has a reputation for being open and transparent with many of its initiatives and internal workings, but one of the things that the company hasn’t talked much about publicly until recently is security. In this interview with SearchSecurity.com, the director of security for Google Apps, Eran...
Microsoft to unveil patch management metrics project
Microsoft on Wednesday plans to launch a new research effort to determine the total cost of the patch-management cycle, from testing and distributing a fix to user deployment of the patch. The end result of the project, which will be completely open and transparent to outsiders, will be a full...
Mandriva Update for ksplash-engine-moodin MDVA-2008:067 (ksplash-engine-moodin)
Check for the Version of ksplash-engine-moodin OpenVAS Vulnerability Test Mandriva Update for ksplash-engine-moodin MDVA-2008:067 ksplash-engine-moodin Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you...
Mandriva Update for ksplash-engine-moodin MDVA-2008:067 (ksplash-engine-moodin)
Check for the Version of ksplash-engine-moodin OpenVAS Vulnerability Test Mandriva Update for ksplash-engine-moodin MDVA-2008:067 ksplash-engine-moodin Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you...
Cybersecurity should return to the White House
A bill introduced in the Senate on Wednesday would make major changes to the way that cybersecurity is handled both within the government and in the private sector, including giving the federal government more control over private networks. But the provision that is getting the most attention, an...
What is security transparency?
Transparency is a common theme in politics and Wall Street these days. The 2008 elections, dealings of TARP, financial institutions run a-muck are all places where we hear the word transparency bandied about on a daily basis. While many security professionals speak about transparency when it come...
Microsoft Windows GDI+ GIF Parsing Buffer Overflow (MS08-052; CVE-2008-3013)
Graphics Interchange Format GIF images are 8-bit files that support transparency, compression, interlacing, and multiple-image pictures animated GIFs. A remote code execution vulnerability has been discovered in the way GDI+ parses GIF images. The vulnerability is due to a buffer overrun when GDI...
FreeBSD : png -- multiple vulnerabilities (172acf78-780c-11dc-b3f4-0016179b2dd5)
A Secunia Advisory reports : Some vulnerabilities have been reported in libpng, which can be exploited by malicious people to cause a DoS Denial of Service. Certain errors within libpng, including a logical NOT instead of a bitwise NOT in pngtrtran.c, an error in the 16bit cheap transparency...
libpng png_handle_tRNS flaw
The pnghandletRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service application crash via a grayscale PNG image with a bad tRNS chunk CRC value...
Re: Cisco IOS VTP issues
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, This is a Cisco response to an advisory published by FX of Phenoelit posted as of September 13, 2006 at: http://www.securityfocus.com/archive/1/445896/30/0/threaded and entitled "Cisco Systems IOS VTP multiple vulnerabilities". An official...