Mandriva Linux Security Advisory : mozilla (MDVSA-2012:110-1)
Security issues were identified and fixed in mozilla firefox and thunderbird : Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain...
0.1AI Score
0.375EPSS
Scientific Linux Security Update : nfs-utils-lib on SL5.x i386/x86_64
Details : Tenable Network Security discovered a stack-based buffer overflow flaw in the RPC library used by nfs-utils-lib. A remote unauthenticated attacker who can access an application linked against nfs-utils-lib could trigger this flaw and cause the application to crash. On Red Hat Enterprise.....
AI Score
0.967EPSS
Alleged TeamPoison Member Sentenced to Six Months in Jail
A British teenager has been sentenced to six months in jail after pleading guilty to illegally accessing the Gmail account of a former top aide to former Prime Minister Tony Blair. Junaid Hussain was allegedly a member of the TeamPoison hacking crew and had posted some of Blair’s personal...
1.4AI Score
xulrunner to 14.0.1 (critical)
Mozilla XULRunner was updated to 14.0.1, fixing bugs and security issues: Following security issues were fixed: MFSA 2012-42: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs...
0.5AI Score
0.375EPSS
MozillaFirefox to 14.0.1 (critical)
MozillaFirefox was updated to 14.0.1 to fix various bugs and security issues. Following security issues were fixed: MFSA 2012-42: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these...
0.6AI Score
0.375EPSS
SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 8226)
MozillaFirefox has been updated to the 10.0.6ESR security release fixing various bugs and several security issues, some critical. The following security issues have been fixed: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and ...
0.2AI Score
0.375EPSS
Security update for Mozilla Firefox (important)
MozillaFirefox has been updated to the 10.0.6ESR security release fixing various bugs and several security issues, some critical. The following security issues have been fixed: * MFSA 2012-42: Mozilla developers identified and fixed several memory safety bugs in the browser engine used...
0.7AI Score
0.375EPSS
Security update for Mozilla Firefox (important)
MozillaFirefox has been updated to the 10.0.6ESR security release fixing various bugs and several security issues, some critical. The following security issues have been fixed: * MFSA 2012-42: Mozilla developers identified and fixed several memory safety bugs in the browser engine used...
0.7AI Score
0.375EPSS
Releases Ubuntu 12.04 Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04 Packages ubufox - Ubuntu Firefox specific configuration defaults and apt support Details USN-1509-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Original...
10AI Score
0.375EPSS
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : ubufox update (USN-1509-2)
USN-1509-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, Gary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey discovered memory safety...
10AI Score
0.375EPSS
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : firefox vulnerabilities (USN-1509-1)
Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, Gary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit...
1AI Score
0.375EPSS
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : thunderbird vulnerabilities (USN-1510-1)
Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, Gary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey discovered memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted page, an attacker could possibly...
9.9AI Score
0.375EPSS
Out of bounds read in QCMS — Mozilla
Google developer Tony Payne reported an out of bounds (OOB) read in QCMS, Mozilla’s color management library. With a carefully crafted color profile portions of a user's memory could be incorporated into a transformed image and possibly...
9.1AI Score
0.006EPSS
Releases Ubuntu 12.04 Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04 Packages firefox - Mozilla Open Source web browser Details Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, Gary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey discovered memory safety...
10AI Score
0.375EPSS
Releases Ubuntu 12.04 Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04 Packages thunderbird - Mozilla Open Source mail and newsgroup client Details Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, Gary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey...
10AI Score
0.375EPSS
Report: TeamP0ison Hacker "TriCk" Pleads Guilty For Hacking Tony Blair's E-mail
TeamP0ison hacker and newly minted 18 year-old Junaid Hussain of Birmingham, England – a.k.a “TriCk” pleaded guilty last week to hacking charges for a string of attacks on some of the U.K.’s leading political figures, including former Prime Minister Tony Blair, according to a published report in...
0.5AI Score
Unbreakable Enterprise kernel security and bugfix update
[2.6.39-200.24.1.el5uek] - Revert 'Add Oracle VM guest messaging driver' (Guru Anbalagane) [Orabug: 14233627} [2.6.39-200.23.1.el5uek] - SPEC: add block/net modules to list used by installer (Guru Anbalagane) [Orabug: 14224837] [2.6.39-200.22.1.el5uek] - NFSv4: include bitmap in nfsv4 get acl...
-0.3AI Score
0.003EPSS
The Ubercart Product Keys module 6.x-1.x before 6.x-1.1 for Drupal does not properly check access for product keys, which allows remote attackers to read all unassigned product keys via certain conditions related to the...
6.8AI Score
0.017EPSS
SA-CONTRIB-2012-076 - Ubercart Product Keys Access Bypass
CVE: CVE-2012-2702. This module enables you to sell product keys from an Ubercart store. Under certain circumstances, a user can view all unassigned product keys which could grant them access to the software circumventing the process of selling the key. Versions affected Ubercart Product Keys...
6.3AI Score
0.017EPSS
17 year old Teenager arrested over TeamPoison hacking attacks
A teenage boy has been arrested on suspicion of being a member of "TeamPoison", a computer hacking group that has claimed responsibility for 1,400 offences including an attack on the phone system of Scotland Yard's counter-terrorism...
6.7AI Score
Employee Sends Medicaid Info of 228K To His Yahoo! Account
A South Carolina man was arrested yesterday on charges stemming from a data breach that may have leaked personal information on more than 200,000 Medicaid beneficiaries in the state, including their names, phone numbers, addresses, birth dates and Medicare ID numbers according to a report in the...
1.4AI Score
Survey: Mom and Dad Secretly Monitor Facebook
A new survey conducted by AVG Technologies revealed that a solid majority of American parents admit that they have secretly accessed the Facebook profiles of their children. Mothers are more likely to secretly log on than are fathers, but the survey shows that 60 percent of all U.S. parents...
0.3AI Score
Update: Zappos Says 24 Million Customers Affected By Data Breach
UPDATE: Online retailer Zappos said that its network has been compromised and attackers were able to access personal information belonging to more than 24 million of its customers. Zappos said that its database that contains customers’ credit card numbers was not compromised, however. “We were...
0.9AI Score
Zappos a division of Amazon got Hacked
A notification mail from Zappos is circulating among customers saying that a division of Amazon, "Zappos.com", got hacked by unknown hackers. The notification mail indicated that names, email addresses, mailing addresses, and the last four digits of customer's social...
6.8AI Score
Internet Pioneers, Security Experts Send Letter to Congress Blasting SOPA
A group of engineers, networking specialists, security experts and other specialists deeply involved with the Internet’s development and growth have sent a letter to lawmakers criticizing the highly controversial SOPA and PIPA bills and imploring them not to pass the legislation, which they say...
0.1AI Score
Linux Foundation Says UEFI Doesn't Have to Prevent Other OS Installations
The Linux Foundation has released a document outlining ways in which the UEFI secure boot specification can be used to support the installation of Linux and other open operating systems on UEFI-enabled hardware. As long as hardware vendors set up their systems in the proper way, UEFI should be no.....
1.1AI Score
Derbycon 2011 Videos Talks The idea behind DerbyCon was developed by Dave Kennedy (ReL1K), Martin Bos (PureHate), and Adrian Crenshaw (Irongeek). Their motivation stemmed from a desire to see more of the old-style talks and events of the conventions of the past. DerbyCon was hosted by some...
6.8AI Score
Microsoft Defends Secure Boot in Windows 8
Microsoft officials are seeking to assuage concerns that its implementation of UEFI in Windows 8 will prevent users from loading non-Microsoft operating systems or applications on their machines. Despite concerns raised by security researchers and open-source advocates about vendor lock-in and...
1AI Score
0.974EPSS
Its Fail 2011 - Year of Hacks !
According to IT security experts, the year 2011 has been labeled the "Year of the Hack" or "#Fail 2011". Hacking has become much easier over the years, allowing hackers to hack into systems more easily than ever before, which is why 2011 had a lot of hacking happen so far....
7.5AI Score
14 Years in Jail for mass credit card theft
A 21 year old man received a 14 year prison sentence on Friday for running an online business that sold counterfeit credit cards encoded with stolen account information with losses estimated at more than $3 million. Tony Perez III, of Hammond,...
6.6AI Score
SA-CONTRIB-2011-040 Author Pane access bypass
The Author Pane module provides information about users on a site. This module has integration with several other modules including the user locations of the Location module. If you enabled display of user locations the Author Pane module may have shown user locations to site visitors who did not.....
6.4AI Score
Oracle Linux 5.7 kernel security and bug fix update
[2.6.18-274.el5] - [xen] svm: fix invlpg emulator regression (Paolo Bonzini) [719894] [2.6.18-273.el5] - Revert: [fs] proc: Fix rmmod/read/write races in /proc entries (Jarod Wilson) [717068] - [xen] disregard trailing bytes in an invalid page (Paolo Bonzini) [717742] - [xen] prep...
-0.3AI Score
0.062EPSS
Indonesian and Australian police launched Cyber Crime Investigation Center
Indonesian and Australian police officially launched a joint project called the Cyber Crime Investigation Center. The center was officiated by Indonesian National Police chief Gen. Timur Pradopo and Australian Federal...
6.8AI Score
TeaMp0isoN leak Former British PM Tony Blair Data
Twitter has become the best place for hackers to leak data now, and the best part is that Twitter will never block you for such actions. After Lulzsec, Anonymous .. now Pakistani Hackers Group "TeaMp0isoN" is back with some new leaks. Last time...
6.5AI Score
Nmap NSE net: http-vmware-path-vuln
Checks for a path-traversal vulnerability in VMWare ESX, ESXi, and Server (CVE-2009-3733). The vulnerability was originally released by Justin Morehouse and Tony Flick, who presented at Shmoocon 2010 (http://fyrmassociates.com/tools.html). SYNTAX: http.pipeline: If set, it represents the number...
0.1AI Score
0.959EPSS
CA20110510-01: Security Notice for CA eHealth
Issued: May 10, 2011 CA Technologies support is alerting customers to a security risk with CA eHealth. A vulnerability exists that may potentially allow an attacker to compromise web user security. The vulnerability,.....
0.6AI Score
0.003EPSS
50 new Scada threats discovered, Another stuxnet in making ?
Scada systems are found in a variety of industrial plants ranging from water and waste treatment to food and pharmaceuticals and even nuclear power plants. The security of these systems is getting worse and is a big concern today. Application security management firm Idappcom reported 52 new threats....
6.8AI Score
Twitter, Javascript Defeat NYT's $40m Paywall
The New York Times is estimated to have spent $40 million to $50 million to construct an elaborate new paywall that will force some users of the site to pay a monthly fee to read paper content. But just days after rolling out a version of the paywall, the newspaper is playing whack-a-mole with...
-0.2AI Score
Exposed : HBGary wanted to suppress Stuxnet research !
It is no secret that in recent days, Anonymous Operatives have released a cache of HBGary Federal internal emails to the public. Crowdleaks has discovered that within these communications, Aaron Barr received a copy of Stuxnet (a computer worm that targets the types of industrial control systems.....
7.1AI Score
Oracle Linux 5.6 kernel security and bug fix update
[2.6.18-238.el5] - [net] bnx2: remove extra call to pci_map_page (John Feeney) [663509] - [fs] nfs: set lock_context field in nfs_readpage_sync (Jeff Layton) [663853] [2.6.18-237.el5] - [block] fully zeroize request struct in rq_init (Rob Evers) [662154] - [scsi] qla4xxx: update to...
-0.6AI Score
0.573EPSS
kernel security, bug fix, and enhancement update
[2.6.18-194.32.1.0.1.el5] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - Add entropy support to igb (John Sobecki) [orabug 7607479] - [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332] - [NET] Add xen pv/bonding netconsole support...
0.6AI Score
0.017EPSS
Threatpost's List of the Top 10 Security Top 10 Lists
Ever since the traditional print industry collapsed in on itself like a decommissioned ‘Vegas casino, replaced with blogs, micro blogs, social networking and other forms of Web based publishing, the end of the year has brought with it a blizzard of retrospective and prospective Top 10 lists from...
-0.5AI Score
Oracle Critical Patch Update Advisory - October 2010
Description A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required (because of interdependencies) by those security patches. Critical Patch Updates are...
0.1AI Score
0.971EPSS
SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02514929 Version: 1 HPSBMA02578 SSRT100069 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Information Disclosure NOTICE: The information in this Security Bulletin should....
AI Score
0.002EPSS
About the security content of Safari 5.0.1 and Safari 4.1.1
* Last Modified: July 28, 2010 * Article: HT4276 Summary This document describes the security content of Safari 5.0.1 and Safari 4.1.1. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues...
0.5AI Score
0.335EPSS
Arbitrary UNC file read in IE 8
Internet Explorer is vulnerable to a drive-by arbitrary UNC file read, with the usual consequences (local account password disclosure, etc.) as in IE6 before SP1. It is in ICMFilter, which is accessible via the CSS filter property. Sample exploit code: <div...
0.5AI Score