
Alert: Portable Document Format (PDF)

by Art Manion Adobe Reader and Acrobat JavaScript vulnerabilities Overview Adobe Reader and Acrobat contain vulnerabilities in the customDictionaryOpen() and getAnnots() JavaScript methods. I. Description Adobe Reader and the Adobe Acrobat family of software are designed to create, view, and edit Portable Document Format (PDF) files. Adobe Reader is widely deployed, and the Acrobat Reader [...]

Vulnerability: Microsoft ActiveX

US-CERT — ActiveX controls built with Microsoft ATL fail to properly handle initialization data Overview ActiveX controls that are built using a Microsoft ATL template may fail to properly handle initialization data, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. I. Description Microsoft Active Template Library (ATL) is [...]

Update for Microsoft Outlook Phishing Scams

A massive phishing scam similar to the recent bank fraud scams is being sent in emails that look like the following: From: “Microsoft Customer Support” Subject: Update for Microsoft Outlook Critical Update Update for Microsoft Outlook / Outlook Express (KB910721) Brief Description Microsoft has released an update for Microsoft Outlook / Outlook Express. This update [...]

Microsoft Security Bulletin

Microsoft has released an update to address vulnerabilities in Microsoft Windows, Office, and Internet Explorer as part of the Microsoft Security Bulletin Summary for June 2009. These vulnerabilities may allow an attacker to execute arbitrary code, operate with elevated privileges, or obtain sensitive information.

Apple Safari Vulnerabilities

Apple has released Safari 4.0 for Windows and Mac OS X to address multiple vulnerabilities in CFNetwork, CoreGraphics, ImageIO, International Components for Unicode, libxml, Safari, Safari Windows Installer, and WebKit. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, bypass security restrictions, or conduct cross-site scripting attacks.

Apple QuickTime Updates for Multiple Vulnerabilities

National Cyber Alert System Technical Cyber Security Alert TA09-022A Apple QuickTime Updates for Multiple Vulnerabilities Original release date: January 22, 2009 Source: US-CERT Systems Affected Apple QuickTime 7.5 for Windows and Mac OS X Overview Apple has released QuickTime 7.6 to correct multiple vulnerabilities affecting QuickTime for Mac OS X and Windows. Attackers may be [...]

Microsoft Windows Does Not Disable AutoRun Properly

National Cyber Alert System Technical Cyber Security Alert TA09-020A Microsoft Windows Does Not Disable AutoRun Properly Source: US-CERT Systems Affected Microsoft Windows Overview Disabling AutoRun on Microsoft Windows systems can help prevent the spread of malicious code. However, Microsoft’s guidelines for disabling AutoRun are not fully effective, which could be considered a vulnerability. I. Description [...]

Oracle National Cyber Alert System

Oracle Updates for Multiple Vulnerabilities Original release date: January 15, 2009 Source: US-CERT Overview Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service. I. Description The Oracle Critical Patch Update – January 2009 addresses 41 vulnerabilities in different [...]