Vulnerabilities

Continuous news on hardware and software vulnerabilities from proof of concept to zero day, the dangerous to the novel. Follow the patching topic to narrow your news to emerging fixes.

Excel exploit targets vulnerability in the wild

Microsoft this week warned Windows and Mac users that cyberattackers are remotely exploiting a flaw in Excel to take over computers.
Frank Washkuch Jan 17 2008 4:21PM Security
Year's first QuickTime vulnerability discovered

An Italian researcher has identified a flaw in Apple's QuickTime media application that can allow an attacker to perform a DoS attack or take control of an affected PC.
Frank Washkuch Jan 15 2008 4:28PM Security
Apple fixes Java vulnerabilities

Apple has released a new version of Java to resolve 18 vulnerabilities.
Dan Kaplan Dec 18 2007 2:21PM Security
In-the-wild exploits target Apple QuickTime flaw; proof-of-concept malware aims at Second Life

Researchers have spotted two active attacks and a new proof-of-concept (PoC) exploit that take advantage of a still unpatched vulnerability in Apple QuickTime.
Dan Kaplan Dec 5 2007 9:45AM Security
Apple releases QuickTime update to patch seven vulnerabilities

Apple on Monday released a new version of its popular QuickTime media player to resolve seven vulnerabilities, six of which could have been exploited to remotely install malicious code on a user's machine.
Dan Kaplan Nov 7 2007 9:56AM Security
Attackers target PDF vulnerability

Online criminals have started targeting a vulnerability in Adobe's PDF reader.
Tom Sanders Oct 25 2007 9:59AM Security
Red Hat patches multiple ‘critical’ vulnerabilities in Linux

Red Hat has patched nine vulnerabilities in its Enterprise Linux 5 kernel that could cause denial of service and unauthorised system access if exploited by a malicious attacker, the vendor announced on Monday.
Negar Salek Oct 23 2007 2:21PM Software
Oracle releases 51 patches, unveils new vulnerability rating system

Oracle on Tuesday delivered 51 fixes in a quarterly patch distribution that included an updated scoring system for organisations to measure the risk and impact of vulnerabilities.
Dan Kaplan Oct 18 2007 10:01AM Security
Fortify identifies open-source software vulnerabilities

Hackers using a new class of vulnerabilities are targeting organisations using open-source software to develop custom programs, Fortify Software has warned.
Fiona Raisbeck Oct 10 2007 11:29AM Security
Users of AOL I.M. at risk of attacks

Millions of computers with registered copies of AOL Instant Messenger (AIM) are at risk of a variety of attacks via a vulnerability in AIM 6.1, AIM beta 6.2, AIM Pro and AIM Lite, according to researchers at Core Security.
Jim Carr Sep 27 2007 9:38AM Security
Application vulnerability assessment 2007

For testing products connecting to the web, we needed to scan beyond the depth of a traditional network vulnerability assessment utility, says Justin Peltier.
Patrick Love, Head of Fiduciary Support, Global Wealth Sol Sep 26 2007 4:29PM Security
Review: Typhon

NGS Software Typhon is more of a traditional network vulnerability assessment tool with some application intelligence built in. The utility was able to locate FTP-based vulnerabilities on our test system, but had difficulties with web assessment.
Patrick Love, Head of Fiduciary Support, Global Wealth Sol Sep 24 2007 12:00AM Security
VMware, Adobe vulnerabilities disclosed

Virtualisation software maker VMware issued a bulky patch release today to shore up 18 vulnerabilities, most of which affect the critical ESX Server.
Dan Kaplan Sep 21 2007 9:45AM Security
IBM-ISS X-Force finds a more complex malware market, fewer vulnerabilities, during first half of 2007

The malware underworld grew more complex during the first half of 2007, despite a decrease in the number of disclosed vulnerabilities, according to statistics provided by IBM Internet Security Systems' X-Force Labs.
Frank Washkuch Sep 20 2007 2:04PM Security
Review: Fortify Source Code Analysis

The Fortify offering is a software-based solution which is also a CASE (computer aided software engineering) utility. Any source code can be reviewed with the Source Code Analysis (SCA) suite.
Patrick Love, Head of Fiduciary Support, Global Wealth Sol Sep 13 2007 4:44PM Security
Review: AppDetectivePro

AppDetectivePro primarily looks for security holes inside of a number of popular database servers. The user interface makes it easy to determine which steps of the scan should be performed next.
Patrick Love, Head of Fiduciary Support, Global Wealth Sol Sep 13 2007 4:43PM Security
JavaScript hijacking - a new vulnerability

A new vulnerability, termed JavaScript hijacking, was recently identified that specifically affects the rich, interactive interfaces typically associated with Ajax and Web 2.0 applications.
Jacob West, Sep 13 2007 7:19AM Security
Hot or not: The Forum of Incident Response and Security Teams (FIRST) unveils updated common vulnerability scoring system

The new scoring system promises to make it easier for security managers and the IT industry to better measure the real-world risks associated with software flaws.
Amol Sarwate, Sep 11 2007 3:03PM Security
UN AIDS site target of new 'vulnerability scan' attack

Hackers compromise a United Nations’ Asia Pacific AIDS information site using an emerging malicious technique which scans for multiple vulnerabilities.
Negar Salek Aug 29 2007 9:57AM Security
Review: AppDetective

AppDetective primarily looks for security holes inside of a number of popular database servers. The user interface makes it easy to determine which steps of the scan should be performed next.
Patrick Love, Head of Fiduciary Support, Global Wealth Sol Aug 27 2007 1:57PM Security
