Browsing Category: Vulnerabilities

Categories: Vulnerabilities

From The H Security
The Apache Tomcat developers have released patches to fix three vulnerabilities in their implementations of the Java Servlet and JavaServer Pages technologies. When Tomcat receives a request with invalid headers via the Java AJP connector, it closes the connection without returning an error message. The vulnerability can be exploited by an attacker in load balancing environments to initiate a denial of service (DoS) attack. Read the full story [h-online.com]

Read more...

Adobe’s first ever quarterly patch for the Reader and Acrobat product lines is set for June 9, the same day Microsoft is scheduled to deliver its batch of security updates.
As previously announced, Adobe plans to deliver security updates for Adobe Reader and Acrobat versions 7.x, 8.x, and 9.x for Windows and Macintosh on Tuesday, June 9.

Read more...

Categories: Vulnerabilities

From TidBITS (Rich Mogull)
With the impending release of the next versions of both Mac OS X and the iPhone operating system, it seems a good time to evaluate how Apple could improve their security program. Rather than focusing on narrow issues of specific vulnerabilities or incidents, or offering mere criticism, I humbly present a few suggestions on how Apple can become a leader in consumer computing security over the long haul.  Read the full story [tidbits.com]

Read more...

Categories: Vulnerabilities

Microsoft plans to ship 10 security bulletins next Tuesday (June 9, 2009) with fixes for a wide range of code execution vulnerabilities affecting Windows, Microsoft Office and Internet Explorer.
Six of the ten bulletins will be rated “critical,” Microsoft’s highest severity rating.  See the advance notice advisory [microsoft.com].  Read more at ZDNet Zero Day.

Read more...

Categories: Vulnerabilities

Apple today released QuickTime 7.6.2 with fixes for a variety of security vulnerabilities, some of which could lead to arbitrary code execution attacks.
The update, available for Mac OS X, Windows XP and Windows Vista, covers a total of 10 documented vulnerabilities that could be exploited via booby-trapped movie, video, image and audio files. Read the full story [zdnet.com]

Read more...

Categories: Vulnerabilities

From Reuters (Tarmo Virki)
Accessing your bank account using your mobile phone might seem safe, but security experts say would-be hackers can access confidential information via a simple text message seemingly from your service provider.
People in the industry aware of the risk see it as extremely small, as only a few people use handsets to access their bank accounts, but it is growing as mobile Internet usage rises.  Read the full story [reuters.com]

Read more...