SECUNIA ADVISORY ID: SA42524

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42524/

CRITICALITY: Highly Critical

RELEASE DATE: 2010-12-06

DESCRIPTION: A vulnerability has been discovered in Google Earth, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. wintab32.dll and quserex.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a KMZ file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 5.1.3533.1731. Other versions may also be affected.

SOLUTION: Upgrade to version 6.0.

PROVIDED AND/OR DISCOVERED BY: Taeho Kwon and Zhendong Su

SECUNIA ADVISORY ID: SA42476

VERIFY ADVISORY: Secunia.com: http://secunia.com/advisories/42476/

CRITICALITY: Highly Critical

RELEASE DATE: 2010-12-04

DESCRIPTION: A vulnerability has been discovered in Kindle for PC, which can be exploited by malicious people to compromise a user's system. The vulnerability is confirmed in version 1.3.0 (30884). Other versions may also be affected. Read More...

Southern writes:  

A Firefox extension that demonstrates HTTP session hijacking attacks.

System Requirements
* Mac OS X: 10.5 or newer on an Intel processor.
* Windows: XP or newer. Install Winpcap first!
* Linux: Not currently supported.
* Firefox: 3.6.12 or newer. 32-bit only. Firefox 4.x beta not supported.

Firesheep

story: 'Firesheep' developer: Facebook is ignoring huge security problem

jestrella writes:  

I'm glad and proud to publicly release my first set of free themes for our beloved CMS RavenNuke(tm), I have called it Exuberanza Theme Pack and it includes a set of three extremely elegant, modern, lite and fast themes. Chely, Impaktus and Negroide are the names and they're ready to beautify your website.

Go to my website for screenshots and download link... http://dev.exuberanza.com/article39.html

SECUNIA ADVISORY ID: SA42312

VERIFY ADVISORY: Secunia.com: http://secunia.com/advisories/42312/

RELEASE DATE: 2010-11-23

CRITICALITY: Highly Critical

DESCRIPTION: Multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people bypass certain security restrictions, conduct spoofing attacks, disclose sensitive information, cause a DoS (Denial of Service), or to compromise a user's system. Read More...

SECUNIA ADVISORY ID: SA42314

VERIFY ADVISORY: Secunia.com: http://secunia.com/advisories/42314/

RELEASE DATE: 2010-11-24

CRITICALITY: Highly Critical

DESCRIPTION: Multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose sensitive information, bypass certain security restrictions, or to compromise a user's system. Read More...