Posted on Wednesday, February 11, 2009 @ 17:45:14 CST in Security
by Raven
Microsoft: "Consistent exploit code likely" for IE vulnerabilities
Microsoft today shipped four bulletins with patches for at least 8 documented security vulnerabilities affecting Windows users and warned that "consistent exploit code could be easily crafted" to launch attacks via the Internet Explorer browser. The Patch Tuesday batch includes fixes for a pair of code execution holes in IE, two bugs in the Microsoft Exchange Server, a remote code execution issue in the Microsoft SQL Server, and three separate flaws haunting users of Microsoft Office Visio. The Microsoft warning that consistent exploit code was likely suggests that it’s very easy for an attacker to host a specially crafted Web site and attack unpatched users who surfed to the rigged Web site. The attacker could also take advantage of compromised Web sites and Web sites that accept or host user-provided content or advertisements. These Web sites could contain specially crafted content that could exploit this vulnerability. This security update is rated Critical for Internet Explorer 7 running on supported editions of Windows XP and Windows Vista. For Internet Explorer 7 running on supported editions of Windows Server 2003 and Windows Server 2008, this security update is rated Moderate.
The Internet Explorer bulletin (MS09-002) should be treated with urgency because the flaws can be exploited to launch drive-by download attacks.
Read the entire article at ZDNET
|
Posted on Monday, February 09, 2009 @ 17:21:28 CST in Security
by Raven
SECUNIA ADVISORY ID: SA33800
VERIFY ADVISORY: http://secunia.com/advisories/33800/
CRITICAL: Highly critical
IMPACT: System access
SOFTWARE: Google Chrome 1.x - http://secunia.com/advisories/product/20760/
DESCRIPTION: A vulnerability has been reported in Google Chrome, which can be exploited by malicious people to potentially compromise a user's system.
Read More...
|
Posted on Wednesday, February 04, 2009 @ 22:24:26 CST in Security
by Raven
SECUNIA ADVISORY ID: SA33799
VERIFY ADVISORY: http://secunia.com/advisories/33799/
CRITICAL: Highly critical
IMPACT: Security Bypass, Cross Site Scripting, Exposure of system information, Exposure of sensitive information, System access
SOFTWARE: Mozilla Firefox 3.x - http://secunia.com/advisories/product/19089/
DESCRIPTION: Some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious, local users to potentially disclose sensitive information, and by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, disclose sensitive information, or potentially to compromise a user's system.
Read More...
|
Posted on Wednesday, February 04, 2009 @ 22:14:35 CST in Security
by Raven
SECUNIA ADVISORY ID: SA33802
VERIFY ADVISORY: http://secunia.com/advisories/33802/
CRITICAL: Highly critical
IMPACT: DoS, System access
SOFTWARE: Mozilla Thunderbird 2.x - http://secunia.com/advisories/product/14070/
DESCRIPTION: Some vulnerabilities have been reported in Mozilla Thunderbird, which can potentially be exploited by malicious people to compromise a user's system. For more information see vulnerabilities #1 and #2 in: SA33799 - The vulnerabilities are reported in versions prior to 2.0.0.21.
Read More...
|
Posted on Wednesday, December 17, 2008 @ 20:12:18 CST in Security
by Raven
SECUNIA ADVISORY ID: SA33205
VERIFY ADVISORY: http://secunia.com/advisories/33205/
CRITICAL: Highly critical
IMPACT: Security Bypass, Cross Site Scripting, Exposure of sensitive information, System access.
SOFTWARE: Mozilla Thunderbird 2.x - http://secunia.com/advisories/product/14070/
DESCRIPTION: Some vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, conduct cross-site scripting attacks, or potentially compromise a user's system. For more information: SA33184. The vulnerabilities are reported in version 2.0.0.18 and prior.
Read More...
|
Posted on Wednesday, December 17, 2008 @ 20:08:01 CST in Security
by Raven
SECUNIA ADVISORY ID: SA33184
VERIFY ADVISORY: http://secunia.com/advisories/33184/
CRITICAL: Highly critical
IMPACT: Security Bypass, Cross Site Scripting, Exposure of sensitive information, System access
SOFTWARE: Mozilla Firefox 2.0.x - http://secunia.com/advisories/product/12434/
DESCRIPTION: Some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, conduct cross-site scripting attacks, or potentially compromise a user's system. The vulnerabilities are reported in versions prior to 2.0.0.19.
Read More...
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
