Vulnerabilities Vulnerabilities

Continuous news on hardware and software vulnerabilities from proof of concept to zero day, the dangerous to the novel. Follow the patching topic to narrow your news to emerging fixes.

Review: Source Code Analysis Suite

Review: Source Code Analysis Suite

The Fortify offering is a software-based solution which is also a CASE (computer aided software engineering) utility.
Patrick Love, Head of Fiduciary Support, Global Wealth Sol Aug 20 2007 8:00AM Security
VoIP vulnerabilities unveiled at Black Hat

VoIP vulnerabilities unveiled at Black Hat

Voice over Internet Protocol (VoIP) phone systems relying on so-called "soft phone" software are open to thousands of potential vulnerabilities, researchers at Sipera Systems' said at the annual Black Hat conference last week in Las Vegas.
Jim Carr Aug 6 2007 9:52AM Security
Review: AppScan 7.5

Review: AppScan 7.5

Watchfire AppScan is a software-based offering, which runs from the Windows platform. You may remember earlier versions of AppScan that required a Linux-based server and were configured and run through a web browser.
Patrick Love, Head of Fiduciary Support, Global Wealth Sol Aug 1 2007 12:00AM Security
ActiveX vulnerability hits Yahoo Widgets

ActiveX vulnerability hits Yahoo Widgets

Researchers at security research firm Secunia have revealed a "highly critical" security vulnerability in Yahoo's desktop Widgets. Widgets are software plug-ins that allow delivering a variety of information - weather reports, sports scores, and music - to users' computer desktops.
Jim Carr Jul 30 2007 8:35AM Security
Mozilla says URL protocol handling vulnerability is a Firefox issue

Mozilla says URL protocol handling vulnerability is a Firefox issue

Mozilla's chief security guru on Monday issued a mea culpa for her company's handing of a URL protocol handing flaw that was believed to only be exploitable from Internet Explorer (IE).
Frank Washkuch Jul 25 2007 9:52AM Security
Mozilla distributes eight patches; blames Microsoft for vulnerability

Mozilla distributes eight patches; blames Microsoft for vulnerability

Mozilla on Tuesday released eight patches - three of them deemed "critical" - in its Firefox 2.0.0.5 release, as the company's chief security official chided Microsoft for failing to protect users from an Internet Explorer bug.
Frank Washkuch Jul 19 2007 10:11AM Security
Oracle patches 45 vulnerabilities in its databases

Oracle patches 45 vulnerabilities in its databases

Oracle released patches for 45 flaws, 13 of which allow an attacker to exploit various Oracle products remotely without proper access credentials, in its latest round of quarterly Critical Patch Updates on Tuesday.
Jim Carr Jul 19 2007 10:01AM Security
Apple fixes eight QuickTime vulnerabilities

Apple fixes eight QuickTime vulnerabilities

Apple on Wednesday patched eight flaws in its QuickTime media player.
Frank Washkuch Jul 13 2007 8:28AM Security
Adobe fixes two Flash Player vulnerabilities

Adobe fixes two Flash Player vulnerabilities

Adobe is encouraging users of Flash Player to upgrade to the latest version to avoid falling victim to two vulnerabilities that could allow attackers to take complete system control.
Dan Kaplan Jul 12 2007 9:34AM Security
Microsoft fixes 11 vulnerabilities, 8 'critical,' on Patch Tuesday

Microsoft fixes 11 vulnerabilities, 8 'critical,' on Patch Tuesday

Microsoft released six patches covering 11 vulnerabilities on July's monthly Patch Tuesday, including "critical" fixes impacting Active Directory on Windows 2000 and 2003 Server and its .Net Framework products. In all, Microsoft rated eight of the 11 vulnerabilities as critical.
Jim Carr Jul 11 2007 10:47AM Security
eBay-like marketplace for vulnerability exchange opens

eBay-like marketplace for vulnerability exchange opens

A Switzerland-based company this week launched an eBay-like marketplace for buying and selling zero-day software vulnerabilities.
Dan Kaplan Jul 9 2007 9:49AM Security
Microsoft to fix three 'critical' vulnerabilities on Patch Tuesday

Microsoft to fix three 'critical' vulnerabilities on Patch Tuesday

Microsoft has said it plans to send out six security bulletins, three of which it has rated as "critical" (its highest severity rating), in its monthly Patch Tuesday release on 10 July.
Jim Carr Jul 6 2007 9:52AM Security
HP ventures into vulnerability assessment

HP ventures into vulnerability assessment

GLOBAL - SPI Dynamics buy adds security scanning to application life cycle offering.
Tom Sanders Jun 21 2007 5:58PM Security
HP ventures into vulnerability assessment

HP ventures into vulnerability assessment

UK - Spi Dynamics aquisition adds security scanning to application life cycle
offering.
Tom Sanders Jun 20 2007 5:30PM Security
Vulnerabilities hit products relying on CA anti-virus engine

Vulnerabilities hit products relying on CA anti-virus engine

CA has said that products relying on its anti-virus engine contain two vulnerabilities that could be exploited to cause a crash or execute arbitrary code. The company has issued updates to address the vulnerabilities, which are rated "high."
Jim Carr Jun 8 2007 10:31AM Security
Exploits released for zero-day Yahoo Messenger vulnerabilities

Exploits released for zero-day Yahoo Messenger vulnerabilities

A hacker named "Danny" has released two zero-day ActiveX exploits for Yahoo Messenger's Webcam application.
Frank Washkuch Jun 8 2007 9:53AM Security
Hot or not: Local buffer overflow vulnerabilities

Hot or not: Local buffer overflow vulnerabilities

Buffer overflows have long been a primary vector of attack against computer systems — and the rise of local buffer overflow vulnerabilities and zero-day attacks makes it a problem that's likely to grow more troublesome.
Amol Sarwate, May 29 2007 9:58AM Security
Taiwanese gang exploits Microsoft Word

Taiwanese gang exploits Microsoft Word

A Taiwanese criminal gang continues to launch attacks as Microsoft Word becomes the most common exploit vector, latest figures by MessageLabs show.
Fiona Raisbeck May 22 2007 10:43AM Security
Taiwanese gang continues Word attacks

Taiwanese gang continues Word attacks

A Taiwanese criminal gang continues to launch attacks as Microsoft Word becomes the most common exploit vector, latest figures by MessageLabs show.
Fiona Raisbeck May 22 2007 8:46AM Security
Third of UK companies have critical vulnerabilities

Third of UK companies have critical vulnerabilities

Nearly a third of UK organisations have critical vulnerabilities that are widely recognised and actively exploited by hackers, according to new research by NTA Monitor.
Fiona Raisbeck May 16 2007 9:45AM Security

Log In

  |  Forgot your password?