Vulnerabilities


Adobe Doles Out Bug-Filled PDF Reader to Users

From Computerworld (Gregg Keizer)
Adobe delivers an out-of-date version of Reader to users who download the popular application from its Web site, a security company warned today.
The edition Adobe currently offers includes at least 14 security vulnerabilities that have been patched by the company in the last two months.  Read the full story [computerworld.com]  See original warning [secunia.com]

New Linux Flaw Enables Null Pointer Exploits

A researcher has published exploit code for a new vulnerability he discovered in the Linux kernel. The vulnerability is an especially interesting one in that the researcher who discovered it, Brad Spengler, has demonstrated that he can use the weakness to defeat many of the add-on security protections offered by SELinux and AppArmor.


Just 48 hours after the release of exploit code targeting a zero-day vulnerability in Firefox 3.5, Mozilla’s security response team has rushed out a patch to protect users from code execution attacks.
With Firefox 3.5.1, rated a “critical” update, the open-source group corrects a browser crash that could result in an exploitable memory corruption problem.

From The H Security

The Luxembourg security specialists G-SEC have published details of a vulnerability in the majority of browsers which will either crash the browser or consume so much memory that it makes the computer virtually unusable. The trick is simple. Using JavaScript’s DOM (Document Object Model), create a selection menu on the web page; a select element. Then assign to that select element’s length attribute a very high value, as a result there is a continuous allocation of memory. The length attribute specifies the number of menu items the select element should contain, and according to the specification (and common sense) should be read only, but in many cases, it is writeable. Read the full story [The H Security].

Attackers have begun using the unpatched vulnerability in Microsoft’s Office Web Components in SQL injection attacks. The vulnerability, which only became public this week, affects millions of users running a number of different versions of Windows, Office and Internet Explorer. The SANS Internet Storm Center said it is receiving reports of SQL injection attacks exploiting the vulnerability and using obfuscated code.

From Zero in a Bit (Chris Eng)
Yesterday it was reported by various media outlets that a recent BlackBerry software update from Etisalat (a UAE-based carrier) contained spyware that would intercept emails and text messages and send copies to a central Etisalat server. We decided to take a look to find out more. Read the full story [Zero in a Bit].

By Eric Schultze
Microsoft released six security bulletins  today — three rated Critical and three rated Important.  Two of the issues are being actively exploited on the Internet and four of the issues are client-side vulnerabilities, which means the exploit can only occur if a user visits an evil website or opens a malformed document.

Today’s release is important because patches were released for two recent 0-day attacks – a QuickTime file parsing vulnerability and the recently announced Directshow vulnerability.  Both vulnerabilities are reported as being actively exploited on the Internet.

Microsoft has expended a massive amount of time, energy and money in the last few years to improve both the quality of its software and the speed and efficiency of its security response process. It has succeeded in large part on both counts, especially on the security and reliability of its products. But, as the company’s response to the privately disclosed MsVidCtl ActiveX vulnerability in Internet Explorer shows, Microsoft still has some ground to cover on the issue of timely response.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.