Alerts



AplusWebMaster
2012-04-25, 10:59
FYI...

Thunderbird v12.0 released
- https://www.mozilla.org/en-US/thunderbird/12.0/releasenotes
April 24, 2012 ... See Known Issues

Security Advisories
- https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird12
Fixed in Thunderbird 12
MFSA 2012-33 Potential site identity spoofing when loading RSS and Atom feeds
MFSA 2012-32 HTTP Redirections and remote content can be read by javascript errors
MFSA 2012-31 Off-by-one error in OpenType Sanitizer
MFSA 2012-30 Crash with WebGL content using textImage2D
MFSA 2012-29 Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
MFSA 2012-28 Ambiguous IPv6 in Origin headers may bypass webserver access restrictions
MFSA 2012-27 Page load short-circuit can lead to XSS
MFSA 2012-26 WebGL.drawElements may read illegal video memory due to FindMaxUshortElement error
MFSA 2012-25 Potential memory corruption during font rendering using cairo-dwrite
MFSA 2012-24 Potential XSS via multibyte content processing errors
MFSA 2012-23 Invalid frees causes heap corruption in gfxImageSurface
MFSA 2012-22 use-after-free in IDBKeyRange
MFSA 2012-20 Miscellaneous memory safety hazards (rv:12.0/ rv:10.0.4)

Bugs fixed
- https://www.mozilla.org/en-US/thunderbird/12.0/releasenotes/buglist.html

Download
- https://www.mozilla.org/thunderbird/all.html
___

- https://secunia.com/advisories/48932/
Release Date: 2012-04-25
Criticality level: Highly critical
Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of system information, Exposure of sensitive information, System access
Where: From remote...
Solution: Upgrade to Firefox version 12.0 and Thunderbird version 12.0...

- http://www.securitytracker.com/id/1026973
Date: Apr 24 2012
CVE Reference: CVE-2011-1187, CVE-2012-0467, CVE-2012-0468, CVE-2012-0469, CVE-2012-0470, CVE-2012-0471, CVE-2012-0472, CVE-2012-0473, CVE-2012-0474, CVE-2012-0475, CVE-2012-0477, CVE-2012-0478, CVE-2012-0479
Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of system information, Modification of user information, User access via network
Version(s): prior to 12.0...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can access the target user's cookies (including authentication cookies), if any, associated with a target site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
A remote user can spoof certain web sites.
A remote user can obtain potentially sensitive information...

:fear:

AplusWebMaster
2012-04-30, 15:33
FYI...

ISTR report for 2011
- https://secure.marketwatch.com/story/annual-symantec-internet-security-threat-report-reveals-81-percent-increase-in-malicious-attacks-2012-04-30?reflink=MW_news_stmp
April 30, 2012 - "... while the number of vulnerabilities decreased by 20 percent, the number of malicious attacks continued to skyrocket by 81 percent. In addition, the report* highlights that advanced targeted attacks are spreading to organizations of all sizes and variety of personnel, data breaches are increasing, and that attackers are focusing on mobile threats... Symantec blocked more than 5.5 billion malicious attacks in 2011, an increase of 81 percent over the previous year. In addition, the number of unique malware variants increased to 403 million and the number of Web attacks blocked per day increased by 36 percent... Targeted attacks are growing, with the number of daily targeted attacks increasing from 77 per day to 82 per day by the end of 2011. Targeted attacks use social engineering and customized malware to gain unauthorized access to sensitive information. These advanced attacks have traditionally focused on public sector and government; however, in 2011, targeted attacks diversified. Targeted attacks are no longer limited to large organizations. More than 50 percent of such attacks target organizations with fewer than 2,500 employees, and almost 18 percent target companies with fewer than 250 employees... As tablets and smartphones continue to outsell PCs, more sensitive information will be available on mobile devices. Workers are bringing their smartphones and tablets into the corporate environment faster than many organizations are able to secure and manage them. This may lead to an increase in data breaches as lost mobile devices present risks to information if not properly protected. Recent research by Symantec shows that 50 percent of lost phones will not be returned and 96 percent (including those returned) will experience a data breach... Mobile vulnerabilities increased by 93 percent in 2011. At the same time, there was a rise in threats targeting the Android operating system. 
With the number of vulnerabilities in the mobile space rising and malware authors not only reinventing existing malware for mobile devices, but creating mobile-specific malware geared to the unique mobile opportunities, 2011 was the first year that mobile malware presented a tangible threat to businesses and consumers..."
* http://www.symantec.com/threatreport/topic.jsp?id=threatreport&aid=executive_summary

:sad: :fear: :mad:

AplusWebMaster
2012-05-01, 15:58
FYI...

Samba v3.4.17, 3.5.15, 3.6.5 released
- http://www.securitytracker.com/id/1026988
Date: Apr 30 2012
CVE Reference: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2111 - 6.5
Impact: Modification of user information, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 3.4.x - 3.6.4
Description: ... A remote authenticated user can modify user privileges on the target system...
Solution: The vendor has issued a fix (3.4.17, 3.5.15, 3.6.5).
The vendor's advisory is available at:
http://www.samba.org/samba/security/CVE-2012-2111
"... Patches addressing this issue have been posted to:
- https://www.samba.org/samba/history/security.html
Additionally, Samba 3.6.5, Samba 3.5.15 and 3.4.17 have been issued as security releases to correct the defect. Patches against older Samba versions are available at:
- http://samba.org/samba/patches/
Samba administrators running affected versions are advised to upgrade to 3.6.5, 3.5.15, or 3.4.17 or apply these patches as soon as possible"...

- https://secunia.com/advisories/48976/
Release Date: 2012-05-01
CVE Reference(s): http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2111 - 6.5
... caused due to improper application of security checks in the CreateAccount, OpenAccount, AddAccountRights, and RemoveAccountRights remote procedure calls (RPC) within the Local Security Authority (LSA). This can be exploited to gain "take ownership" privileges and e.g. change the ownership of arbitrary files and directories on the smbd file server.
... reported in versions 3.4.x through 3.6.4.
Solution: Apply patch or update to version 3.4.17, 3.5.15, and 3.6.5.
Original Advisory:
- http://www.samba.org/samba/security/CVE-2012-2111

:fear::spider:

AplusWebMaster
2012-05-01, 23:44
FYI...

Apple patching practices ...
- http://atlas.arbor.net/briefs/index#-1272909644
30 Apr 2012 - OSX anti-malware site provides resources of value... link to a recent Flashback trojan analysis by DrWeb*.
Source: http://macviruscom.wordpress.com/2012/04/29/flashback-drweb-analysis-and-apple-patching-practice/

- http://nakedsecurity.sophos.com/2012/04/27/python-malware-mac/
April 27, 2012

* http://news.drweb.com/?i=2410&c=5&lng=en&p=0
April 27, 2012
> https://www.zdnet.com/blog/bott/flashback-malware-exposes-big-gaps-in-apple-security-response/4904?pg=2
April 29, 2012 - "... left to their own devices, many users will simply postpone those updates by clicking the 'Not Now' or 'Install Later' button. They see updates as an annoyance that will mean they can’t use their Mac for 10 minutes to a half-hour... roughly 1 out of every 4 Snow Leopard users are at least six months behind in terms of applying major software updates. Nearly 15% are more than a year behind, meaning they have skipped at least two major OS X updates and are easy prey for any exploit that targets security holes that were fixed in those updates... If (Apple) talks to the press in an effort to reach owners of Macs who aren’t aware they’ve been infected, they risk puncturing the 'Macs don’t get viruses' image they’ve cultivated through the years. So the company has chosen to remain silent, which is shameful..."

These guys know it - and so do the Hacks.

Free Mac anti-virus for home users
> http://www.sophos.com/freemacav
> https://www.avira.com/en/avira-free-mac-security
___

New Malware Found Exploiting Mac OS X Snow Leopard
- https://threatpost.com/en_us/blogs/new-malware-found-exploiting-mac-os-x-snow-leopard-050212
May 2, 2012 - "... with Lion, that specific memory address can't be written, so the exploit fails. We can assume that this malware itself is targeting only Snow Leopard or lower versions of Mac OSX. That means the attacker had knowledge about the target environment beforehand. That includes the target operating system, application patch levels, etc..."

:sad::mad:

AplusWebMaster
2012-05-06, 04:54
FYI...

Sumatra PDF reader v2.1.1 released
- http://blog.kowalczyk.info/software/sumatrapdf/download-free-pdf-viewer.html
2012-05-07

Version history
- http://blog.kowalczyk.info/software/sumatrapdf/news.html
Changes in this release: fixes for a few crashes
___

Sumatra PDF reader v2.1 released
- http://blog.kowalczyk.info/software/sumatrapdf/download-free-pdf-viewer.html
2012-05-03

What's new
- http://blog.kowalczyk.info/software/sumatrapdf/news.html
Changes in this release:
> support for EPUB ebook format
> added File/Rename menu item to rename currently viewed file (contributed by Vasily Fomin)
> support multi-page TIFF files
> support TGA images
> support for some comic book (CBZ) metadata
> support JPEG XR images (available on Windows Vista or later, for Windows XP the Windows Imaging Component has to be installed)
> the installer is now signed

:fear:

AplusWebMaster
2012-05-08, 11:44
FYI...

Apple iOS 5.1.1 update for iPod, iPhone, iPad
- https://isc.sans.edu/diary.html?storyid=13144
Last Updated: 2012-05-07 20:29:40 UTC - "... only available through iTunes. The updates address Safari and WebKit for iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2... the update is available through iTunes."

- http://support.apple.com/kb/HT5278
May 07, 2012
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3046 - 10.0 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3056 - 7.5 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0672 - 6.8
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0674 - 4.3

- http://support.apple.com/kb/DL1521
Version: 5.1.1 - May 07, 2012
System Requirements: iPhone 4S, iPhone 4, iPhone 3GS, iPad 2, iPad, iPod touch (4th generation), iPod touch (3rd generation)

Apple patches serious security holes in iOS devices
- http://atlas.arbor.net/briefs/index#-480279256
Severity: Elevated Severity
Published: Monday, May 07, 2012
New patches provide protection for recent security holes in iOS.
Analysis: Some of these security holes were used in "hacking contests" such as pwn2own. It is likely that others are aware of the security holes, especially now that patches have been released and are surely being analyzed by attackers to spot the vulnerabilities. Considering the hot trends in mobile attacks, users are encouraged to deploy these updates as soon as possible.
Source: https://www.zdnet.com/blog/security/apple-patches-serious-security-holes-in-ios-devices/11983?utm

- http://h-online.com/-1569932
8 May 2012

- http://nakedsecurity.sophos.com/2012/05/08/apple-offers-ios-5-1-1-update-fixes-some-serious-vulnerabilities/
May 8, 2012

- http://www.securitytracker.com/id/1027028
CVE Reference: CVE-2012-0672, CVE-2012-0674
Date: May 7 2012
Impact: Execution of arbitrary code via network, Modification of system information, User access via network
Version(s): prior to 5.1.1; iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2
Description: Two vulnerabilities were reported in Apple iOS. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can spoof the address bar URL...

:fear:

AplusWebMaster
2012-05-08, 21:34
FYI...

Apache OpenOffice v3.4 released
- http://www.openoffice.org/news/aoo34.html
8 May 2012 — "The Apache OpenOffice Project today announced the availability of Apache OpenOffice 3.4, the first release of OpenOffice under the governance of the Apache Software Foundation. Apache OpenOffice is the original open source office productivity suite, designed for professional and consumer use... Apache OpenOffice is the leading open source office productivity suite, with more than 100 million users worldwide in home, corporate, government, research, and academic environments, across 15 languages. Apache OpenOffice 3.4 is available for download* free of charge. OpenOffice 3.4 features:
• word processing, spreadsheets, presentation graphics, databases, drawing, and mathematical editing applications support for Windows, Linux (32-bit and 64-bit) and Macintosh operating environments
• native language support for English, Arabic, Czech, German, Spanish, French, Galician, Hungarian, Italian, Japanese, Dutch, Russian, Brazilian Portuguese, Simplified Chinese, and Traditional Chinese
• improved ODF support, including new ODF 1.2 encryption options and new spreadsheet functions
• enhanced pivot table support in Calc
• enhanced graphics, including line caps, shear transformations and native support for Scalable Vector Graphics (SVG)
• improvements in performance and quality
The complete list of new features, functions, and improvements is available in the Release Notes..."

* Download: http://download.openoffice.org/

Release notes: https://cwiki.apache.org/confluence/display/OOOUSERS/AOO+3.4+Release+Notes
___

- https://secunia.com/advisories/46992/
Release Date: 2012-05-17
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference(s): CVE-2012-1149, CVE-2012-2149
Solution: Update to version 3.4.
Original Advisory:
http://www.openoffice.org/security/cves/CVE-2012-1149.html
http://www.openoffice.org/security/cves/CVE-2012-2149.html

- http://www.securitytracker.com/id/1027068
CVE Reference: CVE-2012-1149
Updated: May 16 2012

- http://www.securitytracker.com/id/1027069
CVE Reference: CVE-2012-2149
May 16 2012

- http://www.securitytracker.com/id/1027070
CVE Reference: CVE-2012-2334
Date: May 16 2012
Solution: The vendor has issued a fix (3.4).
> http://www.openoffice.org/security/cves/CVE-2012-2334.html

:fear::fear:

AplusWebMaster
2012-05-10, 11:30
FYI...

Apple Security Update 2012-002 - OS X Lion v10.7.4
Released for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
- http://support.apple.com/kb/HT5281
May 09, 2012

- http://support.apple.com/kb/HT5167

Related: http://support.apple.com/kb/TS4272

- http://www.securitytracker.com/id/1027054
CVE Reference: CVE-2012-0649, CVE-2012-0651, CVE-2012-0654, CVE-2012-0655, CVE-2012-0656, CVE-2012-0657, CVE-2012-0658, CVE-2012-0659, CVE-2012-0660, CVE-2012-0661, CVE-2012-0662, CVE-2012-0675
Date: May 10 2012
Impact: Disclosure of system information, Execution of arbitrary code via network, User access via local system, User access via network
Version(s): 10.6.8, 10.7.3
Solution: The vendor has issued a fix (OS X Lion v10.7.4 and Security Update 2012-002), available from the Software Update pane in System Preferences, or Apple's Software Downloads web site at:
http://www.apple.com/support/downloads/
___

Safari 5.1.7
- http://support.apple.com/kb/HT5282
May 09, 2012

- http://support.apple.com/kb/DL1531

- http://support.apple.com/kb/HT5271

- https://secunia.com/advisories/47292/
Release Date: 2012-05-10
Criticality level: Highly critical
CVE Reference(s):
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3046 - 10.0 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3056 - 7.5 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0672 - 6.8
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0676 - 5.0
Impact: Security Bypass, Cross Site Scripting, System access
Where: From remote
... vulnerabilities are reported in versions prior to 5.1.7.
Solution: Update to version 5.1.7

- http://www.securitytracker.com/id/1027053
Date: May 10 2012
Impact: Modification of user information
Version(s): prior to 5.1.7
... The vendor's advisory is available at:
http://support.apple.com/kb/HT1222
___

Apple closes numerous holes in Mac OS X and Safari
- http://atlas.arbor.net/briefs/
Severity: Elevated Severity
Published: Friday, May 11, 2012
Now that malware authors are paying more attention to the OS X platform, keeping current on updates is going to become more important. This patch also fixes the recent plaintext password leakage issue.
Analysis: The Flashback trojan infected and still infects a substantial number of OS X systems. Imagine for a moment that they decided to take advantage of one of these security flaws - the password leakage issue with older versions of filevault - and compromised many passwords. Some of those passwords are bound to be re-used elsewhere, which could lead an attacker deeper into an enterprise. Creative and dedicated attackers will use any possible method to further their campaigns. This is just one scenario. Recent events show us that OS X is a viable target for criminals therefore patches need to be deployed in a timely manner to reduce risks.
Source: http://h-online.com/-1572174

.

AplusWebMaster
2012-05-15, 13:04
FYI...

Apple 2012-003 Security Update for Leopard
- https://support.apple.com/kb/DL1533
May 14, 2012

- http://support.apple.com/kb/HT5271
"... Out-of-date versions of Adobe Flash Player do not include the latest security updates and will be disabled to help keep your Mac secure. If Safari 5.1.7 or Leopard Security Update 2012-003 detects an out-of-date version of Flash Player on your system, you will see a dialog informing you that Flash Player has been disabled. The dialog provides the option to go directly to Adobe's website, where you can download and install an updated version of Flash Player..."

- http://support.apple.com/kb/HT1222

- http://lists.apple.com/archives/security-announce/2012/May/msg00004.html
___

APPLE-SA-2012-05-14-1 Flashback Removal Security Update
- http://lists.apple.com/archives/security-announce/2012/May/msg00003.html
14 May 2012

- http://support.apple.com/downloads/

Flashback removal tool - for Mac OS X 10.5 Leopard
- http://h-online.com/-1575554
15 May 2012

.

AplusWebMaster
2012-05-16, 15:38
FYI...

QuickTime v7.7.2 released
- https://secunia.com/advisories/47447/
Release Date: 2012-05-16
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference: CVE-2011-3458, CVE-2011-3459, CVE-2011-3460, CVE-2012-0265, CVE-2012-0663, CVE-2012-0664, CVE-2012-0665, CVE-2012-0666, CVE-2012-0667, CVE-2012-0668, CVE-2012-0669, CVE-2012-0670, CVE-2012-0671
... vulnerabilities are reported in versions prior to 7.7.2.
Solution: Update to version 7.7.2.
Original Advisory: Apple (APPLE-SA-2012-05-15-1):
http://lists.apple.com/archives/security-announce/2012/May/msg00005.html
Download:
- http://www.apple.com/quicktime/download/
-or-
Use Apple Software Update.

- http://support.apple.com/kb/HT5261
May 15, 2012

- http://www.securitytracker.com/id/1027065
May 16 2012
Impact: Execution of arbitrary code via network, User access via network
Version(s): prior to 7.7.2
Description: Multiple vulnerabilities were reported in Apple QuickTime. A remote user can cause arbitrary code to be executed on the target user's system.
A remote user can create a specially crafted file that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.
Only Windows-based systems are affected...

:fear::fear:

AplusWebMaster
2012-05-20, 03:09
FYI...

PHP v5.4.3 - PoC remote exploit in the wild
- https://isc.sans.edu/diary.html?storyid=13255
Last Updated: 2012-05-19 - "There is a remote exploit in the wild for PHP 5.4.3 in Windows, which takes advantage of a vulnerability in the com_print_typeinfo function. The php engine needs to execute the malicious code, which can include any shellcode like the ones that bind a shell to a port. Since there is no patch available for this vulnerability yet, you might want to do the following:
• Block any file upload function in your php applications to avoid risks of exploit code execution.
• Use your IPS to filter known shellcodes like the ones included in metasploit.
• Keep PHP in the current available version, so you can know that you are not a possible target for any other vulnerability like CVE-2012-2336* registered at the beginning of the month.
• Use your HIPS to block any possible buffer overflow in your system."
* http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2336

> Last: http://www.php.net/archive/2012.php#id2012-05-08-1

PHP 5.4 (5.4.3) Code Execution (Win32)
> http://www.exploit-db.com/exploits/18861/
___

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2376 - 10.0 (HIGH)

:fear::fear::spider:

AplusWebMaster
2012-05-31, 15:22
FYI...

IrfanView plugins updated - v4.34 released

- https://secunia.com/advisories/49204/
Release Date: 2012-05-31
Criticality level: Highly critical
Impact: System access
Where: From remote
... vulnerability is confirmed in version 4.33. Other versions may also be affected.
Solution: Apply ECW PlugIn patch version 4.34*
___

- http://www.irfanview.com/plugins.htm
PlugIns updated -after- the version 4.33:

FPX/FlashPix PlugIn (4.34): Installer or ZIP - FPX-Library loading bug fixed:
http://www.irfanview.net/plugins/irfanview_plugin_fpx.exe
* ECW PlugIn (Third party, 3.1.0.350 - 4.34): Installer or ZIP - Some loading bugs fixed:
http://www.irfanview.net/plugins/irfanview_plugin_ecw.exe
XCF PlugIn (1.08): Installer or ZIP - Some loading bugs fixed:
http://www.irfanview.net/plugins/irfanview_plugin_xcf.exe

- https://secunia.com/advisories/49319/
Release Date: 2012-06-01
Criticality level: Moderately critical
Impact: System access
Where: From remote...
Solution: Apply Formats PlugIn patch version 4.34...
- http://www.irfanview.com/plugins.htm
FORMATS PlugIn (4.34): TTF loading bug fixed...
- http://www.irfanview.net/plugins/irfanview_plugin_formats.exe

:fear:

AplusWebMaster
2012-06-07, 14:38
FYI...

Thunderbird v13.0 released
- https://www.mozilla.org/en-US/thunderbird/13.0/releasenotes
June 5, 2012 ... See Known Issues

Security Advisories
- https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird13
Fixed in Thunderbird 13
MFSA 2012-40 Buffer overflow and use-after-free issues found using Address Sanitizer
MFSA 2012-39 NSS parsing errors with zero length items
MFSA 2012-38 Use-after-free while replacing/inserting a node in a document
MFSA 2012-37 Information disclosure through Windows file shares and shortcut files
MFSA 2012-36 Content Security Policy inline-script bypass
MFSA 2012-35 Privilege escalation through Mozilla Updater and Windows Updater Service
MFSA 2012-34 Miscellaneous memory safety hazards

Bugs fixed
- https://www.mozilla.org/en-US/thunderbird/13.0/releasenotes/buglist.html

Download
- https://www.mozilla.org/thunderbird/all.html
___

- http://www.securitytracker.com/id/1027122
CVE Reference:
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0441 - 5.0
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1937 - 9.3 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1938 - 9.3 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1939 - 9.3 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1940 - 9.3 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1941 - 9.3 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1942 - 7.2 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1943 - 6.9
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1944 - 4.3
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1945 - 2.9
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1946 - 9.3 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1947 - 9.3 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3105 - 9.3 (HIGH)
Jun 6 2012
Impact: Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Version(s): prior to 13.0

- https://secunia.com/advisories/49368/
Release Date: 2012-06-06
Criticality level: Highly critical
Impact: Unknown, Security Bypass, Exposure of sensitive information, Privilege escalation, System access
Where: From remote
Solution: Upgrade to... Thunderbird version 13.0.

:fear:

AplusWebMaster
2012-06-12, 14:34
FYI...

iTunes v10.6.3 released
- https://secunia.com/advisories/49489/
Release Date: 2012-06-12
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference(s):
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0672 - 6.8
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0677 - 9.3 (HIGH)
... This vulnerability does not affect the application on OS X Lion systems.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
Solution: Update to version 10.6.3.
Original Advisory: Apple:
http://support.apple.com/kb/HT5318

• Addresses a problem where iTunes may become unresponsive when syncing an iPad (1st generation) that contains an iBooks textbook
• Fixes a problem where photos synced to a device may appear in an unexpected order
• Resolves an issue where iTunes may unexpectedly delete playlists created on a device
• Fixes issues where iTunes may unexpectedly delete apps on a device
• Improves overall performance and reliability

... available via Apple Software Update.

:fear::fear:

AplusWebMaster
2012-06-13, 15:35
FYI...

Java for OS X 2012-004 / Mac OS X 10.6 Update 9
- http://support.apple.com/kb/HT5319
June 12, 2012 - "Description: Multiple vulnerabilities exist in Java, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_33. Further information is available via the Java website at
http://www.oracle.com/technetwork/java/javase/releasenotes-136954.html ..."

- https://secunia.com/advisories/49542/
Release Date: 2012-06-13
Criticality level: Highly critical
Impact: Cross Site Scripting, Manipulation of data, Exposure of sensitive information, DoS, System access
Where: From remote...
... more information: https://secunia.com/SA49472/
Original Advisory: http://support.apple.com/kb/HT5319

> http://forums.spybot.info/showpost.php?p=426869&postcount=4

:fear:

AplusWebMaster
2012-06-21, 19:24
FYI...

Winamp v5.63 released
AVI/IT File Processing vulns
- https://secunia.com/advisories/46624/
Release Date: 2012-06-21
Criticality level: Highly critical
Impact: System access
Where: From remote ...
Solution: Update to version 5.63 Build 3234.
Original Advisory: Winamp:
http://forums.winamp.com/showthread.php?t=345684

:fear:

AplusWebMaster
2012-07-12, 16:38
FYI...

Plesk Panel remote vuln - Fix
- http://kb.parallels.com/en/113321
Last Review: Jul, 12 2012 - "... it may not be plausible at this time to perform a full upgrade to the latest release of Parallels Plesk Panel 11 which is not affected, thus there was a set of Micro-Updates released for each major version affected which will resolve the security issue without the necessity of a system upgrade..."

- http://www.symantec.com/security_response/threatconlearn.jsp
"... Parallels has released a fix for its Plesk Panel application to correct a previously unknown vulnerability which allows the administrator password to be recovered by an attacker. The code to exploit the vulnerability is currently being sold on the internet and potentially allows passwords to be compromised. Customers are advised to apply the fix as soon as possible..."
___

- http://www.securitytracker.com/id/1027243
Jul 12 2012
CVE Reference: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1557 - 7.5 (HIGH)
Impact: Disclosure of system information, Disclosure of user information, User access via network
Version(s): prior to 10.4.x*
Solution: The vendor has issued a fix.
The fix also includes a Mass Password Reset Script that must be executed to remove existing sessions and prevent a recurrence.
The vendor's advisory is available at:
- http://kb.parallels.com/en/113321

- https://secunia.com/advisories/48262
___

Plesk Panel 10.x for Windows...
* http://download1.parallels.com/Plesk/PP10/parallels-plesk-panel-10-windows-updates-release-notes.html
15-Jul-2012 - "... Fixed critical Plesk security issues found during internal security audit. All customers are highly recommended to update..."

Plesk Panel 10.x for Linux...
- http://download1.parallels.com/Plesk/PP10/parallels-plesk-panel-10-linux-updates-release-notes.html
15-Jul-2012 - "... Fixed critical Plesk security issues found during internal security audit. All customers are highly recommended to update..."

- http://kb.parallels.com/en/113321
Last Review: Jul, 16 2012

:fear::fear: :spider:

AplusWebMaster
2012-07-18, 19:38
FYI...

Thunderbird v14.0 released
- https://www.mozilla.org/en-US/thunderbird/14.0/releasenotes
July 17, 2012 ... See Known Issues

Security Advisories
- https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird14
Fixed in Thunderbird 14
MFSA 2012-56 Code execution through javascript: URLs
MFSA 2012-53 Content Security Policy 1.0 implementation errors cause data leakage
MFSA 2012-52 JSDependentString::undepend string conversion results in memory corruption
MFSA 2012-51 X-Frame-Options header ignored when duplicated
MFSA 2012-50 Out of bounds read in QCMS
MFSA 2012-49 Same-compartment Security Wrappers can be bypassed
MFSA 2012-48 use-after-free in nsGlobalWindow::PageHidden
MFSA 2012-47 Improper filtering of javascript in HTML feed-view
MFSA 2012-45 Spoofing issue with location
MFSA 2012-44 Gecko memory corruption
MFSA 2012-42 Miscellaneous memory safety hazards (rv:14.0/ rv:10.0.6)

Bugs fixed
- https://www.mozilla.org/en-US/thunderbird/14.0/releasenotes/buglist.html

Download
- https://www.mozilla.org/thunderbird/all.html
___

- https://secunia.com/advisories/49993/
Release Date: 2012-07-18
Criticality level: Highly critical
Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, System access
Where: From remote...
Solution: Upgrade to version 14...

- http://www.securitytracker.com/id/1027257
CVE Reference: CVE-2012-1948, CVE-2012-1949, CVE-2012-1951, CVE-2012-1952, CVE-2012-1953, CVE-2012-1954, CVE-2012-1955, CVE-2012-1957, CVE-2012-1958, CVE-2012-1959, CVE-2012-1960, CVE-2012-1961, CVE-2012-1962, CVE-2012-1963, CVE-2012-1967
Jul 17 2012
Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Version(s): prior to 14 ...

:fear::fear:

AplusWebMaster
2012-07-18, 20:28
FYI...

- http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
2012-July-17 - "... This Critical Patch Update contains 87 new security fixes..."
* http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html#PIN

July 2012 Risk Matrices
- http://www.oracle.com/technetwork/topics/security/cpujul2012verbose-392736.html
___

- https://www.us-cert.gov/current/#oracle_releases_critical_patch_update20
July 18, 2012 - "... 87 vulnerabilities across multiple products. This update contains the following security fixes:
• 4 for Oracle Database Server
• 1 for Oracle Application Express Listener
• 2 for Oracle Secure Backup
• 22 for Oracle Fusion Middleware
• 1 for Oracle Hyperion
• 1 for Oracle Enterprise Manager Grid Control
• 4 for Oracle E-Business Suite
• 5 for Oracle Supply Chain Products
• 9 for Oracle PeopleSoft Products
• 7 for Oracle Siebel CRM
• 1 for Oracle Industry Applications
• 24 for Oracle Sun Products
• 6 for Oracle MySQL ..."
___

- http://h-online.com/-1644934
18 July 2012

:fear::fear:

AplusWebMaster
2012-07-23, 21:03
FYI...

Symantec Two Products Insecure Library Loading vuln ...
- https://secunia.com/advisories/50033/
Release Date: 2012-07-23
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0305
... vulnerability is reported in the following products and versions:
* Symantec Backup Exec System Recovery 2010 prior to SP5
* Symantec System Recovery 2011 prior to SP2
Solution: Update to a fixed version.
Original Advisory: SYM12-012:
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&suid=20120720_01

- http://support.microsoft.com/kb/932716#appliesto
Last Review: October 9, 2011 - Revision: 6.0
___

Symantec Web Gateway multiple vulns
- https://secunia.com/advisories/50031/
Release Date: 2012-07-23
Criticality level: Moderately critical
Impact: Security Bypass, Manipulation of data, System access
Where: From local network
CVE Reference(s): CVE-2012-2574, CVE-2012-2953, CVE-2012-2957, CVE-2012-2961, CVE-2012-2976, CVE-2012-2977
Solution: Apply Database Update 5.0.0.438.
Original Advisory: SYM12-011:
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&suid=20120720_00

:fear::fear:

AplusWebMaster
2012-07-24, 18:47
FYI...

"WordPress Plugin" search results ...
- https://secunia.com/advisories/search/?search=WordPress+Plugin
Found: 415 Secunia Security Advisories ...
Aug 31, 2012

- http://nakedsecurity.sophos.com/2012/08/10/blackhole-malware-attack/
"... ensure that any software you run on your web server is also properly secured, and kept patched and current (that includes blogging software like WordPress and any plugins that it might use)."

:sad: :fear::fear:

AplusWebMaster
2012-07-26, 15:19
FYI...

Safari v6 released
- http://support.apple.com/kb/HT5400
July 25, 2012
> http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html
APPLE-SA-2012-07-25-1 Safari 6.0

- https://secunia.com/advisories/50058/
Release Date: 2012-07-26
Criticality level: Highly critical
Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, System access
Where: From remote...
Solution: Upgrade to Safari version 6.0 via Apple Software Update.

- http://www.securitytracker.com/id/1027307
CVE Reference: CVE-2011-3016, CVE-2011-3021, CVE-2011-3027, CVE-2011-3913, CVE-2012-0678, CVE-2012-0679, CVE-2012-0680, CVE-2012-0682, CVE-2012-0683, CVE-2012-1520, CVE-2012-2815, CVE-2012-3589, CVE-2012-3590, CVE-2012-3591, CVE-2012-3592, CVE-2012-3593, CVE-2012-3594, CVE-2012-3595, CVE-2012-3596, CVE-2012-3597, CVE-2012-3599, CVE-2012-3600, CVE-2012-3603, CVE-2012-3604, CVE-2012-3605, CVE-2012-3608, CVE-2012-3609, CVE-2012-3610, CVE-2012-3611, CVE-2012-3615, CVE-2012-3618, CVE-2012-3620, CVE-2012-3625, CVE-2012-3626, CVE-2012-3627, CVE-2012-3628, CVE-2012-3629, CVE-2012-3630, CVE-2012-3631, CVE-2012-3633, CVE-2012-3634, CVE-2012-3635, CVE-2012-3636, CVE-2012-3637, CVE-2012-3638, CVE-2012-3639, CVE-2012-3640, CVE-2012-3641, CVE-2012-3642, CVE-2012-3644, CVE-2012-3645, CVE-2012-3646, CVE-2012-3650, CVE-2012-3653, CVE-2012-3655, CVE-2012-3656, CVE-2012-3661, CVE-2012-3663, CVE-2012-3664, CVE-2012-3665, CVE-2012-3666, CVE-2012-3667, CVE-2012-3668, CVE-2012-3669, CVE-2012-3670, CVE-2012-3674, CVE-2012-3678, CVE-2012-3679, CVE-2012-3680, CVE-2012-3681, CVE-2012-3682, CVE-2012-3683, CVE-2012-3686, CVE-2012-3689, CVE-2012-3690, CVE-2012-3691, CVE-2012-3693, CVE-2012-3694, CVE-2012-3695, CVE-2012-3696, CVE-2012-3697
Jul 26 2012
Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Version(s): prior to 6.0 ...
___

Apple Xcode v4.4 released
- https://secunia.com/advisories/50068/
Release Date: 2012-07-26
Impact: Hijacking, Security Bypass, Exposure of sensitive information
Where: From remote
CVE Reference(s): CVE-2011-3389, CVE-2012-3698
... weakness and the vulnerability are reported in versions prior to 4.4.
Solution: Update to version 4.4 via the Apple Developer site or via the App Store.
Original Advisory: APPLE-SA-2012-07-25-2:
http://support.apple.com/kb/HT5416

- http://www.securitytracker.com/id/1027302
CVE Reference: CVE-2012-3698
Jul 26 2012
Impact: Disclosure of authentication information, Disclosure of user information
Version(s): prior to 4.4

- http://www.securitytracker.com/id/1027303
CVE Reference: CVE-2011-3389
Jul 26 2012
Impact: Disclosure of user information
Version(s): prior to 4.4

:fear::fear:

AplusWebMaster
2012-08-17, 22:56
FYI...

PHP v5.4.6, 5.3.16 released
- http://www.php.net/
16-Aug-2012 - "... immediate availability of PHP 5.4.6 and PHP 5.3.16. These releases fix over 20 bugs. All users of PHP are encouraged to upgrade..."

Download
- http://www.php.net/downloads.php

ChangeLog
- http://www.php.net/ChangeLog-5.php

:fear:

AplusWebMaster
2012-08-23, 20:25
FYI...

OpenOffice v3.4.1 released
- https://blogs.apache.org/OOo/entry/announcing_apache_openoffice_3_41
Aug 23, 2012 - "... OpenOffice 3.4.1 can be downloaded now from http://www.openoffice.org/download/ or by going to the 'Help/Check for Updates' dialog within OpenOffice 3.4 or 3.3..."

Release notes
- http://www.openoffice.org/development/releases/3.4.1.html
"... there were 69 verified issues that have been resolved..."
(More detail at the URL above.)

- http://h-online.com/-1674083
23 August 2012
___

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2665 - 7.5 (HIGH)
Last revised: 09/07/2012

- http://www.openoffice.org/security/cves/CVE-2012-2665.html
Versions Affected:
Apache OpenOffice 3.4.0, all languages, all platforms.
Earlier versions of OpenOffice.org may be also affected.
... upgrade to Apache OpenOffice 3.4.1...

- https://secunia.com/advisories/50438/
Release Date: 2012-08-28
Criticality level: Highly critical
Solution: Update to version 3.4.1.

:fear:

AplusWebMaster
2012-08-30, 14:42
FYI...

Thunderbird v15.0 released
- https://www.mozilla.org/en-US/thunderbird/15.0/releasenotes
August 28, 2012 ... See Known Issues

Security Advisories
- https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird15
Fixed in Thunderbird 15 ...

Bugs fixed
- https://www.mozilla.org/en-US/thunderbird/15.0/releasenotes/buglist.html

Download
- https://www.mozilla.org/thunderbird/all.html
___

- http://www.securitytracker.com/id/1027452
CVE Reference: CVE-2012-1956, CVE-2012-1970, CVE-2012-1971, CVE-2012-1972, CVE-2012-1973, CVE-2012-1974, CVE-2012-1975, CVE-2012-1976, CVE-2012-3956, CVE-2012-3957, CVE-2012-3958, CVE-2012-3959, CVE-2012-3960, CVE-2012-3961, CVE-2012-3962, CVE-2012-3963, CVE-2012-3964, CVE-2012-3966, CVE-2012-3967, CVE-2012-3968, CVE-2012-3969, CVE-2012-3970, CVE-2012-3971, CVE-2012-3972, CVE-2012-3974, CVE-2012-3975, CVE-2012-3978, CVE-2012-3980
Aug 29 2012
Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Version(s): prior to ESR 10.0.7; prior to 15.0

- https://secunia.com/advisories/50308/
Release Date: 2012-08-29
Criticality level: Highly critical
Impact: Cross Site Scripting, Spoofing, Exposure of sensitive information, System access
Where: From remote...
For more information: https://secunia.com/SA50088/
Solution: Upgrade to version 15...
___

- http://h-online.com/-1677823
29 August 2012

:fear:

AplusWebMaster
2012-09-06, 13:40
FYI...

Apple/Java v1.6.0_35
- https://support.apple.com/kb/HT5473
Sep 05, 2012
Java for OS X 2012-005 and Java for Mac OS X 10.6 Update 10
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later
Description: An opportunity for security-in-depth hardening is addressed by updating to Java version 1.6.0_35. Further information is available via the Java website at
http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html
CVE-ID: CVE-2012-0547

- https://support.apple.com/kb/HT1338

APPLE-SA-2012-09-05-1 Java for OS X 2012-005 and Java for Mac OS X 10.6 Update 10
- http://lists.apple.com/archives/security-announce/2012/Sep/msg00000.html
Sep 05, 2012
___

- https://secunia.com/advisories/50545/
Release Date: 2012-09-06
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference(s): CVE-2012-0547, CVE-2012-4681
... For more information see: https://secunia.com/SA50133/
Original Advisory: APPLE-SA-2012-09-05-1:
http://lists.apple.com/archives/security-announce/2012/Sep/msg00000.html

:fear:

AplusWebMaster
2012-09-07, 15:02
FYI...

WordPress v3.4.2 released
- http://wordpress.org/download/
September 6, 2012 - "The latest stable release of WordPress (Version 3.4.2) is available..."

WordPress 3.4.2 Maintenance and Security Release
- https://wordpress.org/news/2012/09/wordpress-3-4-2/
September 6, 2012 - "WordPress 3.4.2, now available for download, is a maintenance and security release for all previous versions... we’ve identified and fixed a number of nagging bugs, including:
• Fix some issues with older browsers in the administration area.
• Fix an issue where a theme may not preview correctly, or its screenshot may not be displayed.
• Improve plugin compatibility with the visual editor.
• Address pagination problems with some category permalink structures.
• Avoid errors with both oEmbed providers and trackbacks.
• Prevent improperly sized header images from being uploaded.
Version 3.4.2 also fixes a few security issues and contains some security hardening...

- https://secunia.com/advisories/50515/
Release Date: 2012-09-07
Impact: Unknown, Security Bypass
Where: From remote
... security issue and vulnerability are reported in versions prior to 3.4.2.
Solution: Update to version 3.4.2.
Original Advisory: http://wordpress.org/news/2012/09/wordpress-3-4-2/

- http://h-online.com/-1702501
7 Sep 2012
___

"WordPress Plugin" search results ...
- https://secunia.com/advisories/search/?search=WordPress+Plugin
Found: 432 Secunia Security Advisories ...
Oct 15, 2012

:fear::fear:

AplusWebMaster
2012-09-13, 16:05
FYI...

Apple iTunes v10.7 released
- https://secunia.com/advisories/50618/
Release Date: 2012-09-13
Criticality level: Highly critical
Impact: System access
Where: From remote
... vulnerabilities are reported in versions prior to 10.7.
Solution: Update to version 10.7.
Original Advisory: APPLE-SA-2012-09-12-1:
http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html

- http://www.securitytracker.com/id/1027525
CVE Reference: CVE-2012-2817, CVE-2012-2818, CVE-2012-2829, CVE-2012-2831, CVE-2012-3601, CVE-2012-3602, CVE-2012-3606, CVE-2012-3607, CVE-2012-3612, CVE-2012-3613, CVE-2012-3614, CVE-2012-3616, CVE-2012-3617, CVE-2012-3621, CVE-2012-3622, CVE-2012-3623, CVE-2012-3624, CVE-2012-3632, CVE-2012-3643, CVE-2012-3647, CVE-2012-3648, CVE-2012-3649, CVE-2012-3651, CVE-2012-3652, CVE-2012-3654, CVE-2012-3657, CVE-2012-3658, CVE-2012-3659, CVE-2012-3660, CVE-2012-3671, CVE-2012-3672, CVE-2012-3673, CVE-2012-3675, CVE-2012-3676, CVE-2012-3677, CVE-2012-3684, CVE-2012-3685, CVE-2012-3687, CVE-2012-3688, CVE-2012-3692, CVE-2012-3699, CVE-2012-3700, CVE-2012-3701, CVE-2012-3702, CVE-2012-3703, CVE-2012-3704, CVE-2012-3705, CVE-2012-3706, CVE-2012-3707, CVE-2012-3708, CVE-2012-3709, CVE-2012-3710, CVE-2012-3711, CVE-2012-3712
Sep 13 2012
Impact: Execution of arbitrary code via network, User access via network
Version(s): prior to 10.7

- https://support.apple.com/kb/HT5485
Sep 12, 2012
___

163 security holes in iTunes
- http://h-online.com/-1706849
13 Sep 2012

:fear:

AplusWebMaster
2012-09-19, 23:48
FYI...

iOS 6 released
APPLE-SA-2012-09-19-1 iOS 6
- http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
19 Sep 2012
"iOS 6 is now available...
Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later..."

- https://support.apple.com/kb/HT5503
"... can be downloaded and installed using iTunes*..."
* https://support.apple.com/kb/ht1414

- https://secunia.com/advisories/50586/
Release Date: 2012-09-20
Criticality level: Highly critical
Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of system information, Exposure of sensitive information, Privilege escalation, System access
Where: From remote ...
Solution: Upgrade to iOS 6 via Software Update.

- http://www.securitytracker.com/id/1027552
CVE Reference: CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-4599, CVE-2012-3724, CVE-2012-3725, CVE-2012-3726, CVE-2012-3727, CVE-2012-3728, CVE-2012-3729, CVE-2012-3730, CVE-2012-3731, CVE-2012-3732, CVE-2012-3733, CVE-2012-3734, CVE-2012-3735, CVE-2012-3736, CVE-2012-3737, CVE-2012-3738, CVE-2012-3739, CVE-2012-3740, CVE-2012-3741, CVE-2012-3742, CVE-2012-3743, CVE-2012-3744, CVE-2012-3745, CVE-2012-3746, CVE-2012-3747
Sep 20 2012
Impact: Disclosure of system information, Execution of arbitrary code via local system, Execution of arbitrary code via network, Root access via local system, User access via local system, User access via network...
Solution: The vendor has issued a fix (6.0).
___

- http://h-online.com/-1713012
20 Sep 2012

- https://isc.sans.edu/diary.html?storyid=14128
"iOS6 released: a few CVEs addressed, breaks mapping."

:fear:

AplusWebMaster
2012-09-20, 14:52
FYI...

Apple security updates
- https://support.apple.com/kb/HT1222
3x - 19 Sept 2012
___

Safari v6.0.1 for Mac OS X
- https://secunia.com/advisories/50577/
Release Date: 2012-09-20
Criticality level: Highly critical
Impact: Security Bypass, Exposure of sensitive information, System access
Where: From remote...
Solution: Update to version 6.0.1...
Original Advisory: Apple:
http://support.apple.com/kb/HT5502

> http://lists.apple.com/archives/security-announce/2012/Sep/msg00005.html
APPLE-SA-2012-09-19-3 Safari 6.0.1
Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1

- http://www.securitytracker.com/id/1027550
CVE Reference: CVE-2012-3713, CVE-2012-3714, CVE-2012-3715, CVE-2012-3598
Date: Sep 20 2012
Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
Version(s): prior to 6.0.1
___

Mac OS X multiple vulns - Security Update 2012-004
- https://secunia.com/advisories/50628/
Release Date: 2012-09-20
Criticality level: Highly critical
Impact: Security Bypass, Exposure of sensitive information, Privilege escalation, DoS, System access
Where: From remote...
Solution: Update to version 10.8.2 or 10.7.5 or apply Security Update 2012-004.

- http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
APPLE-SA-2012-09-19-2 OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004

- http://www.securitytracker.com/id/1027551
CVE Reference: CVE-2012-0650, CVE-2012-3716, CVE-2012-3718, CVE-2012-3719, CVE-2012-3720, CVE-2012-3721, CVE-2012-3722, CVE-2012-3723
Sep 20 2012
Impact: Denial of service via network, Disclosure of authentication information, Execution of arbitrary code via local system, Execution of arbitrary code via network, User access via local system, User access via network
... vendor's advisory is available at:
http://support.apple.com/kb/HT5501

:fear::fear:

AplusWebMaster
2012-09-25, 17:57
FYI...

Apple TV v5.1 released
- https://secunia.com/advisories/50728/
Release Date: 2012-09-25
Criticality level: Highly critical
Impact: Exposure of sensitive information, DoS, System access
Where: From remote
CVE Reference(s): CVE-2011-1167, CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3026, CVE-2011-3048, CVE-2011-3328, CVE-2011-3919, CVE-2012-0682, CVE-2012-0683, CVE-2012-1173, CVE-2012-3589, CVE-2012-3590, CVE-2012-3591, CVE-2012-3592, CVE-2012-3678, CVE-2012-3679, CVE-2012-3722, CVE-2012-3725, CVE-2012-3726
... vulnerabilities are reported in versions prior to 5.1.
Solution: Update to Apple TV Software version 5.1.
Original Advisory: APPLE-SA-2012-09-24-1:
http://support.apple.com/kb/HT5504
Apple TV 2nd generation and later

- https://support.apple.com/kb/HT4448
Apple TV (2nd and 3rd generation) software updates
Sep 24, 2012

How to update: https://support.apple.com/kb/HT1600

APPLE-SA-2012-09-24-1 Apple TV 5.1
- http://lists.apple.com/archives/security-announce/2012/Sep/msg00006.html
24 Sep 2012

:fear:

AplusWebMaster
2012-09-25, 18:11
FYI...

phpMyAdmin 3.x - potential compromise
- https://secunia.com/advisories/50703/
Release Date: 2012-09-25
Criticality level: Extremely critical
Impact: System access
Where: From remote
... distribution of a compromised phpMyAdmin source code package containing a backdoor, which can be exploited to e.g. execute arbitrary PHP code.
Solution: Download and reinstall phpMyAdmin.
Software: phpMyAdmin 3.x
Original Advisory:
http://www.phpmyadmin.net/home_page/security/PMASA-2012-5.php
Date: 2012-09-25
Summary: One server from the SourceForge.net mirror system was distributing a phpMyAdmin kit containing a backdoor...
Severity: We consider this vulnerability to be critical.
Affected Versions: We currently know only about phpMyAdmin-3.5.2.2-all-languages.zip being affected; check if your download contains a file named server_sync.php.
Solution: Check your phpMyAdmin distribution and download it again from a trusted mirror if your copy contains a file named server_sync.php...

> http://www.phpmyadmin.net/home_page/downloads.php
phpMyAdmin 3.5.2.2 - Released 12 Aug 2012
___

- https://threatpost.com/en_us/blogs/sourceforge-investigates-backdoor-code-found-copy-phpmyadmin-092512
Sep 25, 2012

- http://h-online.com/-1717644
26 Sep 2012

:fear: :fear: :fear:

AplusWebMaster
2012-09-28, 18:36
FYI...

RE: iOS 6 release / Apple maps...

- http://news.yahoo.com/tim-cook-apple-maps-extremely-sorry-working-fix-135819039.html
Sep 28, 2012 - "Apple CEO Tim Cook says the company is "extremely sorry" for the frustration that its maps application has caused and it's doing everything it can to make it better. Cook said in a letter posted online Friday that Apple "fell short" in its commitment to make the best possible products for its customers. He recommends that people try alternatives by downloading competing map apps from the App Store while Apple works on its own maps products.... 'had released an update to its iPhone and iPad operating system last week that replaced Google Maps with Apple's own maps application. But users complained that the new maps have fewer details, lack public transit directions and misplace landmarks, among other problems."
* https://www.apple.com/letter-from-tim-cook-on-maps/
Sep 28, 2012

:fear: :sad:

AplusWebMaster
2012-10-11, 13:56
FYI...

Thunderbird v16.0.1 released
- https://www.mozilla.org/en-US/thunderbird/16.0.1/releasenotes
October 11, 2012 ... See Known Issues

Download
- https://www.mozilla.org/thunderbird/all.html

Security Advisories
- https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird16.0.1
Fixed in Thunderbird 16.0.1
MFSA 2012-89 defaultValue security checks not applied
MFSA 2012-88 Miscellaneous memory safety hazards (rv:16.0.1)

- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4190 - 10.0 (HIGH)
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4191 - 10.0 (HIGH)
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4192 - 4.3
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4193 - 9.3 (HIGH)
___

Bugs fixed
- https://www.mozilla.org/en-US/thunderbird/16.0/releasenotes/buglist.html
___

- http://www.securitytracker.com/id/1027652
CVE Reference: CVE-2012-4190, CVE-2012-4191
Oct 12 2012
Impact: A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix (16.0.1).

- https://secunia.com/advisories/50932/
Last Update: 2012-10-12
Criticality level: Highly critical
Impact: Security Bypass, System access
Where: From remote
CVE Reference(s): CVE-2012-4190, CVE-2012-4191, CVE-2012-4192, CVE-2012-4193
... vulnerabilities are reported in Firefox and Thunderbird versions -prior- to 16.0.1 and SeaMonkey versions -prior- to 2.13.1.
Solution: Update Firefox and Thunderbird to versions 16.0.1 and SeaMonkey to version 2.13.1.

:fear:

AplusWebMaster
2012-10-17, 05:52
FYI...

Oracle Critical Patch Update Advisory - October 2012
- http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
Oct 16, 2012 - "... Critical Patch Update patches are usually cumulative but each advisory describes only the security fixes added since the previous Critical Patch Update advisory... Oracle strongly recommends that customers apply CPU fixes as soon as possible. This Critical Patch Update contains 109 new security fixes..."

Patch Availability Table
- http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html#PIN

Risk Matrices
- http://www.oracle.com/technetwork/topics/security/cpuoct2012verbose-1515934.html
___

- http://atlas.arbor.net/briefs/index#968980828
Severity: High Severity
October 17, 2012
In addition to patching Java, Oracle releases patches for other products as well.
Analysis: While the Java security issues get the most press due to its widespread exploitation, the Oracle database and other products are often used to protect sensitive information and should also be protected. Some of these other products don't have the same attack footprint as Java; however, if an attacker is already inside the network, then other Oracle software is easier to reach and exploit.
Source: http://h-online.com/-1731176

Oct 17 2012
Sun SPARC Server Bug in Integrated Lights Out Manager Lets Local Users Access Data
http://www.securitytracker.com/id/1027677
Sun GlassFish Enterprise Server CORBA Bug Lets Remote Users Cause Partial DoS Conditions
http://www.securitytracker.com/id/1027676
Oracle Industry Applications Bugs Let Remote Users Partially Access and Modify Data and Deny Service
http://www.securitytracker.com/id/1027675
Oracle Siebel CRM Bugs Let Remote Users Access Data on the Target System
http://www.securitytracker.com/id/1027674
Oracle Financial Services Software Bugs Let Remote Authenticated Users Access and Modify Data and Deny Service
http://www.securitytracker.com/id/1027673
Oracle Java Runtime Environment (JRE) Bugs Let Remote Users Gain Full Control of the Target System
http://www.securitytracker.com/id/1027672
Oracle PeopleSoft Products Bugs Let Remote Authenticated Users Partially Access Data, Modify Data, and Deny Service
http://www.securitytracker.com/id/1027671
Oracle Supply Chain Products Suite Bugs Let Remote Users Access and Modify Data
http://www.securitytracker.com/id/1027670
Oracle Fusion Middleware Bugs Let Remote Users Access and Modify Data and Local and Remote Users Deny Service
http://www.securitytracker.com/id/1027669
Oracle E-Business Suite Bugs Let Remote Users Partially Access and Modify Data and Partially Deny Service
http://www.securitytracker.com/id/1027668
Solaris Lets Local Users Gain Root Privileges and Remote Users Deny Service
http://www.securitytracker.com/id/1027667
Oracle Virtualization Bugs Let Remote Users Partially Modify Data and Local Users Partially Deny Service
http://www.securitytracker.com/id/1027666
MySQL Multiple Bugs Let Remote Authenticated Users Access and Modify Data and Deny Service and Local Users Access Data
http://www.securitytracker.com/id/1027665
Oracle Database Bugs Let Remote Authenticated Users Partially Modify Data and Cause Partial Denial of Service Conditions
http://www.securitytracker.com/id/1027664

.

AplusWebMaster
2012-11-02, 01:48
FYI...

iOS 6.0.1 Software Update
- https://support.apple.com/kb/DL1606
Nov 1, 2012
"This update contains improvements and bug fixes, including:
• Fixes a bug that prevents iPhone 5 from installing software updates wirelessly over the air
• Fixes a bug where horizontal lines may be displayed across the keyboard
• Fixes an issue that could cause camera flash to not go off
• Improves reliability of iPhone 5 and iPod touch (5th generation) when connected to encrypted WPA2 Wi-Fi networks
• Resolves an issue that prevents iPhone from using the cellular network in some instances
• Consolidated the Use Cellular Data switch for iTunes Match
• Fixes a Passcode Lock bug which sometimes allowed access to Passbook pass details from lock screen
• Fixes a bug affecting Exchange meetings
For information on the security content of this update, please visit this website:
http://support.apple.com/kb/HT1222
This update is available via iTunes and wirelessly."

- https://secunia.com/advisories/51162/
Release Date: 2012-11-02
Criticality level: Highly critical
Impact: Security Bypass, Exposure of system information, System access
Where: From remote
CVE Reference(s): CVE-2012-3748, CVE-2012-3749, CVE-2012-3750, CVE-2012-5112
For more information: https://secunia.com/SA51157/
Solution: Apply iOS 6.0.1 Software Update.
Original Advisory: APPLE-SA-2012-11-01-1:
http://support.apple.com/kb/HT5567
> http://lists.apple.com/archives/security-announce/2012/Nov/msg00000.html
___

Safari 6.0.2 released
- https://support.apple.com/kb/HT5568
Nov 1, 2012
Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.2
... WebKit -
1) Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: A time of check to time of use issue existed in the handling of JavaScript arrays. This issue was addressed through additional validation of JavaScript arrays.
CVE-2012-3748 : Joost Pol and Daan Keuper of Certified Secure working with HP TippingPoint's Zero Day Initiative
2) Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: A use after free issue existed in the handling of SVG images. This issue was addressed through improved memory handling.
CVE-2012-5112 : Pinkie Pie working with Google's Pwnium 2 contest...

- https://secunia.com/advisories/51157/
Release Date: 2012-11-02
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference(s): CVE-2012-3748, CVE-2012-5112
For more information: https://secunia.com/SA50954/
The vulnerabilities are reported in versions prior to 6.0.2 running on OS X Lion and OS X Mountain Lion.
Solution: Update to version 6.0.2.
Original Advisory: APPLE-SA-2012-11-01-2:
http://support.apple.com/kb/HT5568
> http://lists.apple.com/archives/security-announce/2012/Nov/msg00001.html

:fear::fear:

AplusWebMaster
2012-11-07, 23:43
FYI...

Adobe PDF Reader 0-day in-the-wild ...
- https://krebsonsecurity.com/2012/11/experts-warn-of-zero-day-exploit-for-adobe-reader/
Nov 7th, 2012 - "Software vendor Adobe says it is investigating claims that instructions for exploiting a previously unknown critical security hole in the latest versions of its widely-used PDF Reader software are being sold in the cybercriminal underground. The finding comes from malware analysts at Moscow-based forensics firm Group-IB, who say they’ve discovered that a new exploit capable of compromising the security of computers running Adobe X and XI (Adobe Reader 10 and 11) is being sold in the underground for up to $50,000. This is significant because, beginning with Reader X, Adobe introduced a “sandbox” feature aimed at blocking the exploitation of previously unidentified security holes in its software, and so far that protection has held its ground. But according to Andrey Komarov, Group-IB’s head of international projects, this vulnerability allows attackers to sidestep Reader’s sandbox protection...
> https://www.youtube.com/watch?feature=player_embedded&v=uGF8VDBkK0M#t=0s
... Adobe spokeswoman Wiebke Lips said the company was not contacted by Group-IB, and is unable to verify their claims, given the limited amount of information currently available... Group-IB says the vulnerability is included in a new, custom version of the Blackhole Exploit Kit, a malicious software framework sold in the underground that is designed to be stitched into hacked Web sites and deploy malware via exploits such as this one... consumers should realize that there are several PDF reader options apart from Adobe’s, including Foxit, PDF-Xchange Viewer, Nitro PDF and Sumatra PDF*."
* http://blog.kowalczyk.info/software/sumatrapdf/download-free-pdf-viewer.html
___

- http://h-online.com/-1746442
8 Nov 2012

:fear::fear:

AplusWebMaster
2012-11-08, 14:10
FYI...

QuickTime v7.7.3 released
- https://secunia.com/advisories/51226/
Release Date: 2012-11-08
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference(s): CVE-2011-1374, CVE-2012-3751, CVE-2012-3752, CVE-2012-3753, CVE-2012-3754, CVE-2012-3755, CVE-2012-3756, CVE-2012-3757, CVE-2012-3758
... vulnerabilities are reported in versions prior to 7.7.3.
Solution: Update to version 7.7.3.
Original Advisory: http://support.apple.com/kb/HT5581

> http://lists.apple.com/archives/security-announce/2012/Nov/msg00002.html
... QuickTime 7.7.3 may be obtained from the QuickTime Downloads site:
http://www.apple.com/quicktime/download/
-or-
Use Apple Software Update.
___

- http://h-online.com/-1746273
8 Nov 2012

:fear:

AplusWebMaster
2012-11-09, 13:45
FYI...

IrfanView v4.35 released
TIFF Image Decompression Buffer Overflow Vulnerability
- https://secunia.com/advisories/49856/
Release Date: 2012-11-09
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-5022 - 6.8
This is related to vulnerability #4 in: https://secunia.com/SA43593/
... vulnerability is confirmed in version 4.33. Other versions may also be affected.
Solution: Update to version 4.35.
Original Advisory: http://www.irfanview.com/main_history.htm
Version 4.35 - 2012-11-07

- http://www.irfanview.com/main_download_engl.htm

- http://www.irfanview.com/plugins.htm
The current PlugIns version is: 4.35

:fear:

AplusWebMaster
2012-11-14, 22:22
FYI...

Skype - pwd reset vuln...
- http://heartbeat.skype.com/2012/11/security_issue.html
Nov 14, 2012 - "Early this morning we were notified of user concerns surrounding the security of the password reset feature on our website. This issue affected some users where multiple Skype accounts were registered to the same email address. We suspended the password reset feature temporarily this morning as a precaution and have made updates to the password reset process today so that it is now working properly. We are reaching out to a small number of users who may have been impacted to assist as necessary. Skype is committed to providing a safe and secure communications experience to our users and we apologize for the inconvenience."
___

- http://h-online.com/-1749720
14 Nov 2012

- http://www.theregister.co.uk/2012/11/14/skype_fixes_hijack_bug/
14 Nov 2012

:fear:

AplusWebMaster
2012-11-22, 01:32
FYI...

Thunderbird v17.0 released
- https://www.mozilla.org/en-US/thunderbird/17.0/releasenotes
Nov 20, 2012

Automated Updates: https://support.mozillamessaging.com/en-US/kb/updating-thunderbird
Manual check: Go to >Help >About Thunderbird

Download
- https://www.mozilla.org/thunderbird/all.html

Security Advisories
- https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17
___

- http://www.securitytracker.com/id/1027793
CVE Reference: CVE-2012-4201, CVE-2012-4202, CVE-2012-4204, CVE-2012-4205, CVE-2012-4207, CVE-2012-4208, CVE-2012-4209, CVE-2012-4212, CVE-2012-4213, CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-4217, CVE-2012-4218, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5836, CVE-2012-5838, CVE-2012-5839, CVE-2012-5840, CVE-2012-5841, CVE-2012-5842, CVE-2012-5843
Nov 21 2012
Impact: Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Solution: The vendor has issued a fix (17.0)...

- https://secunia.com/advisories/51358/
Release Date: 2012-11-21
Criticality level: Highly critical
Impact: Security Bypass, Cross Site Scripting, System access
Where: From remote...
Solution: Upgrade to version 17.0.

:fear::fear:

AplusWebMaster
2012-11-22, 12:56
FYI...

Adblock Plus 2.2.1 released
- https://adblockplus.org/releases/adblock-plus-221-released
2012-11-23

- https://adblockplus.org/en/changelog-2.2.1
. Fixed issue affecting loading of filters in old Firefox versions (including Firefox 10).
. Fixed wrong apostrophe encoding in translations (especially Italian).

- https://adblockplus.org/en/changelog-2.2
Changelog for the previous release
2012-11-21

> https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/

:blink:

AplusWebMaster
2012-11-27, 15:52
FYI...

"WordPress Plugin" search results ...
- https://secunia.com/advisories/search/?search=WordPress+Plugin
Found: 464 Secunia Security Advisories ...
Nov 27, 2012

>> http://piwik.org/blog/2012/11/security-report-piwik-org-webserver-hacked-for-a-few-hours-on-2012-nov-26th/
Updated: Nov 27, 2012 - "... The website Piwik.org is running WordPress and got compromised, because of a security issue in a WordPress plugin... compromised by an attacker on 2012 Nov 26th, this attacker added a malicious code in the Piwik 1.9.2 Zip file... You would be at risk only if you installed or updated to Piwik 1.9.2 on Nov 26th from 15:43 UTC to 23:59 UTC. If you are not using 1.9.2, or if you have updated to 1.9.2 earlier than Nov 26th 15:40 UTC or from Nov 27th, you should be safe..."
___

- http://h-online.com/-1757246
27 Nov 2012

:fear: :sad:

AplusWebMaster
2012-11-27, 20:08
FYI...

Java 0-Day exploit on sale for ‘Five Digits’
- https://krebsonsecurity.com/2012/11/java-zero-day-exploit-on-sale-for-five-digits/
Nov 27, 2012 - "Miscreants in the cyber underground are selling an exploit for a previously undocumented security hole in Oracle’s Java software that attackers can use to remotely seize control over systems running the program... The flaw, currently being sold by an established member of an invite-only Underweb forum, targets an unpatched vulnerability in Java JRE 7 Update 9, the most recent version of Java (the seller says this flaw does not exist in Java 6 or earlier versions)... The seller was not terribly specific on the price he is asking for this exploit, but set the expected offer at “five digits.” The price of any exploit is ultimately whatever the market will bear, but this is roughly in line with the last Java zero-day exploit that was being traded and sold on the underground...
How to Unplug Java from the Browser:
> http://krebsonsecurity.com/how-to-unplug-java-from-the-browser/

:fear: :mad:

AplusWebMaster
2012-12-03, 22:38
FYI...

0-day vulns in MySQL fixed by MariaDB
- http://h-online.com/-1761451
3 Dec 2012 - "A recently published security vulnerability in the MySQL open source database has been met with fixes by the developers of the open source MariaDB* fork... they also note that a supposed zero day vulnerability that enumerates MySQL users has been known about for ten years. MariaDB versions 5.1, 5.2, 5.3 and 5.5, in which CVE 2012-5579 is fixed, are available for download*. MySQL provider Oracle has yet to confirm the vulnerabilities, much less provide updated software."
* http://downloads.mariadb.org/
___

- https://secunia.com/advisories/51427/
Release Date: 2012-12-03
... may be related to vulnerability #1: https://secunia.com/SA51008/
CVE Reference(s): CVE-2012-5611, CVE-2012-5612, CVE-2012-5614, CVE-2012-5615
Impact: Brute force, DoS, System access
Where: From local network
Software: MySQL 5.x
Solution: No official solution is currently available...
___

- http://blog.trendmicro.com/trendlabs-security-intelligence/multiple-zero-day-poc-exploits-threaten-oracle-mysql-server/
Dec 6, 2012 - "... MySQL Database is famous for its high performance, high reliability and ease of use. It runs on both Windows and many non-Windows platforms like UNIX, Mac OS, Solaris, IBM AIX, etc. It has been the fastest growing application and the choice of big companies such as Facebook, Google, and Adobe among others. Given its popularity, cybercriminals and other attackers are definitely eyeing this platform..."

:fear::fear:

AplusWebMaster
2012-12-05, 15:13
FYI...

cPanel - updates available
- https://secunia.com/advisories/51494/
Release Date: 2012-12-05
Criticality level: Moderately critical
Impact: Unknown
Where: From remote
Software: cPanel 11.x
... vulnerabilities are reported in versions prior to 11.30.7.4, 11.32.5.15, and 11.34.0.11.
Solution: Update to version 11.30.7.4, 11.32.5.15, or 11.34.0.11.
Original Advisory:
http://cpanel.net/important-security-release-cpanel-whm-11-30/
http://cpanel.net/important-11-32-security-update-cpanel-whm/
http://cpanel.net/important-11-34-security-release-cpanel-whm/

:fear::fear:

AplusWebMaster
2012-12-15, 12:42
FYI...

iTunes 11.0.1 released
- https://support.apple.com/kb/DL1614
Dec 13, 2012 - "This update to the new iTunes addresses an issue where new purchases in iCloud may not appear in your library if iTunes Match is turned on, makes iTunes more responsive when searching a large library, fixes a problem where the AirPlay button may not appear as expected, and adds the ability to display duplicate items within your library. This update also includes other important stability and performance improvements."

Available on Apple Software Update.

:fear:

AplusWebMaster
2012-12-18, 23:34
FYI...

iOS 6.0.2 Software Update
- http://support.apple.com/kb/DL1621
Dec 18, 2012 - Fixes a bug that could impact Wi-Fi...
System Requirements: iPhone 5, iPad mini

- http://www.todaysiphone.com/2012/12/ios-6-0-2-released-by-apple/
"... everyone and their dogs are trying to download the delta update and Apple’s servers are having a hard time..."

- http://bgr.com/2012/12/18/apple-releases-ios-6-0-2258170-258170/
Dec 18, 2012 - "... these Wi-Fi issues were supposed to be fixed with the release of iOS 6.0.1 but notes that users have still reported problems connecting to known Wi-Fi hotspots even after installing the patch..."

:fear::fear:

AplusWebMaster
2012-12-20, 00:08
FYI...

Shockwave player - vulnerable Flash runtime
* http://www.kb.cert.org/vuls/id/323161
Last revised: 17 Dec 2012 - "Adobe Shockwave Player 11.6.8.638 and earlier versions on the Windows and Macintosh operating systems provide a vulnerable version of the Flash runtime..."

- http://h-online.com/-1772754
19 Dec 2012 - "US-CERT has warned that a security hole exists in Adobe's Shockwave Player*. Version 11.6.8.638 and earlier versions that were installed using the company's "Full" installer are affected. These all include an older version of Flash (10.2.159.1) that contains several exploitable vulnerabilities. Shockwave uses a custom Flash runtime instead of a globally installed Flash plugin. According to US-CERT, the Flash vulnerabilities can be exploited to execute arbitrary code at the user's privilege level via specially crafted Shockwave content. As the Shockwave Player tends to be used only rarely, simply uninstalling the software can provide protection. Adobe is even offering an uninstaller** for this purpose..."
** https://www.adobe.com/shockwave/download/alternates/
(See "Shockwave Player Uninstaller".)

- https://krebsonsecurity.com/2012/12/shocking-delay-in-fixing-adobe-shockwave-bug/
Dec 19, 2012 - "... U.S. CERT first warned Adobe about the vulnerability in October 2010, and Adobe says it won’t be fixing it until February 2013..."

- http://www.securitytracker.com/id/1027903
- http://www.securitytracker.com/id/1027904
- http://www.securitytracker.com/id/1027905
Dec 20 2012

- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6270 - 9.3 (HIGH)
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6271 - 9.3 (HIGH)

:fear::fear: :blink:

AplusWebMaster
2013-01-14, 14:57
FYI...

Sumatra PDF reader v2.2.1 released
- http://blog.kowalczyk.info/software/sumatrapdf/news.html
2013-01-12
Version history - Changes in this release:
• fixed ebooks sometimes not remembering the viewing position
• fixed Sumatra not exiting when opening files from a network drive
• fixes for most frequent crashes and PDF parsing robustness fixes

Download
- http://blog.kowalczyk.info/software/sumatrapdf/download-free-pdf-viewer.html

:fear:

AplusWebMaster
2013-01-19, 18:01
FYI...

Thunderbird v17.0.2 released
- https://www.mozilla.org/en-US/thunderbird/17.0.2/releasenotes
Jan 8 2013

Automated Updates: https://support.mozillamessaging.com/en-US/kb/updating-thunderbird
Manual check: Go to >Help >About Thunderbird

Download
- https://www.mozilla.org/thunderbird/all.html

Security Advisories
- https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.2

- http://www.securitytracker.com/id/1027957
CVE Reference: CVE-2013-0743, CVE-2013-0744, CVE-2013-0745, CVE-2013-0746, CVE-2013-0747, CVE-2013-0748, CVE-2013-0749, CVE-2013-0750, CVE-2013-0752, CVE-2013-0753, CVE-2013-0754, CVE-2013-0755, CVE-2013-0756, CVE-2013-0757, CVE-2013-0758, CVE-2013-0759, CVE-2013-0760, CVE-2013-0761, CVE-2013-0762, CVE-2013-0763, CVE-2013-0764, CVE-2013-0766, CVE-2013-0767, CVE-2013-0768, CVE-2013-0769, CVE-2013-0770, CVE-2013-0771
Jan 9 2013
Impact: Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 17.0.2

:fear::fear:

AplusWebMaster
2013-01-25, 16:02
FYI...

WordPress v3.5.1 released
- https://wordpress.org/download/
"The latest stable release of WordPress (Version 3.5.1) is available..."

- https://wordpress.org/news/2013/01/wordpress-3-5-1/
Jan 24, 2013 - "... first maintenance release of 3.5, fixing 37 bugs... a security release for all previous WordPress versions..."

- https://secunia.com/advisories/51967/
Release Date: 2013-01-25
Criticality level: Moderately critical
Impact: Cross Site Scripting, Exposure of sensitive information
Where: From remote
... vulnerabilities are reported in versions prior to 3.5.1.
Solution: Update to version 3.5.1.
- http://www.securitytracker.com/id/1028045
Jan 25 2013
Impact: Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Host/resource access via network, Modification of user information, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 3.5.1 ...

"WordPress Plugin" search results ...
- https://secunia.com/advisories/search/?search=WordPress+Plugin
Found -530- Secunia Security Advisories ...
March 14, 2013
___

- http://h-online.com/-1791820
25 Jan 2013
- http://www.h-online.com/imgs/43/9/7/5/0/2/1/wp3-5-1.jpg-e8882f4c597dc045.jpeg

:fear::fear:

AplusWebMaster
2013-01-29, 22:08
FYI...

UPnP advisory - US CERT
- https://www.us-cert.gov/current/#cert_releases_upnp_security_advisory
29 Jan 2013 - "Multiple vulnerabilities have been announced in libupnp, the open source portable SDK for UPnP devices. Libupnp is employed by hundreds of vendors for UPnP-enabled devices. Information is also available in CERT Vulnerability Note VU#922681*..."
* http://www.kb.cert.org/vuls/id/922681
29 Jan 2013 - "... Disable UPnP: Consider disabling UPnP on the device if it is not absolutely necessary..."
___

- https://community.rapid7.com/docs/DOC-2150
Jan 29, 2013 - "... We strongly recommend people to check whether they may be vulnerable, and if so, disable the UPnP protocol* in any affected devices..."
* https://community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play
Jan 29, 2013 - "... Over 80 million unique IPs were identified that responded to UPnP discovery requests from the internet. Somewhere between 40 and 50 million IPs are vulnerable to at least one of three attacks... In most cases, network equipment that is "no longer shipping" will not be updated at all, exposing these users to remote compromise until UPnP is disabled or the product is swapped for something new..."

> https://community.rapid7.com/servlet/JiveServlet/downloadImage/38-6031-2747/422-490/stats.png

UPnP Router Security Check: http://upnp-check.rapid7.com/
___

- http://atlas.arbor.net/briefs/index#-1299837074
Severity: High Severity
Jan 30, 2013
Universal Plug and Play provides a significant attack surface and should be protected from network access via robust access control protections on UDP port 1900 and/or hardened configuration.
Analysis: A large-scale scan of the Internet determined that a huge number of systems are vulnerable, and that exploitation in some cases can be performed with one UDP packet. This UDP packet can be spoofed. Actual attack details are not available to the public; however, we can rest assured that attackers are hard at work. While such bugs may not make their way into typical commodity crimeware exploit kits, targeted and opportunistic attackers with enough intelligence to create exploit code for these vulnerabilities are surely at work. One difficulty is that there are a large number of devices, each of which may have its own specific configuration and device quirks that would require some research on the part of the attackers. The potential for a network-wide worm certainly exists. Organizations are encouraged to block UPnP as much as possible and ensure that attack surface is reduced because it is likely that the scanning activity will increase. While UDP port 1900 appears to be the main vector, TCP/UDP port 2869 is also involved and should be monitored carefully and restricted as much as possible to reduce attack surface.
Source: http://arstechnica.com/security/2013/01/to-prevent-hacking-disable-universal-plug-and-play-now/

- http://h-online.com/-1794032
30 Jan 2013

:fear:

AplusWebMaster
2013-02-01, 14:44
FYI...

Changelog for Adblock Plus 2.2.3
- https://adblockplus.org/releases/adblock-plus-223-for-firefox-released
Feb 13, 2013 - The following lists the changes compared to Adblock Plus 2.2.3. If you experience issues with this release please check the list of known issues.
• Worked around AVG Security Toolbar 14.0.3.* breaking Adblock Plus among other things.
• Made sure that first-run page always opens in the current browser window (bug 819561)...
___

AdblockPlus v2.2.2 released
- https://adblockplus.org/en/changelog-2.2.2
2013-01-30

- http://news.slashdot.org/story/13/01/31/238238/online-ads-are-more-dangerous-than-porn-cisco-says
Feb 01, 2013 - "The popular belief is that security risks increase as the user engages in riskier and shadier behavior online, but that apparently isn't the case, Cisco found in its 2013 Annual Security report*. It can be more dangerous to click on an online advertisement than an adult content site these days, according to Cisco. For example, users clicking on online ads were 182 times more likely to wind up getting infected with malware than if they'd surfed over to an adult content site, Cisco said. The highest concentration of online security threats does not target pornography, pharmaceutical, or gambling sites as much as it affects legitimate sites such as search engines, online retailers, and social media. Users are 21 times more likely to get hit with malware from online shopping sites and 27 times more likely with a search engine than if they'd gone to a counterfeit software site..."
* http://www.cisco.com/en/US/prod/vpndevc/annual_security_report.html

AdBlockPlus for Firefox: https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/

> https://adblockplus.org/en/getting_started#install

:fear:

AplusWebMaster
2013-02-09, 16:58
FYI...

Expect a v2 of iOS 6.1 ...

iOS 6.1 Leads to Battery Life Drain, Overheating for iPhone Users
- http://thenextweb.com/apple/2013/02/08/some-iphone-users-are-seeing-battery-drain-and-overheating-issues-after-upgrading-to-ios-6-1/
8 Feb 2013

- http://arstechnica.com/apple/2013/02/ios-6-1-brings-back-bug-that-gives-anyone-access-to-your-contacts-photos/
Feb 14, 2013 - "An -old- vulnerability in the iPhone's lock screen and Emergency Call feature appears to have resurfaced for a third time in iOS 6.1. With the right sequence of button clicking, it's possible to get to an iPhone user's voicemails, contacts, and photos—even if the iPhone is locked and password protected..."
- https://secunia.com/advisories/52173/

Access restriction in iOS 6 partially useless
- http://h-online.com/-1805842
19 Feb 2013

Rapid growth in transaction logs, CPU use, and memory consumption in Exchange Server 2010 when a user syncs a mailbox by using an iOS 6.1-based device
- http://support.microsoft.com/kb/2814847
Last Review: February 12, 2013 - Revision: 5.0
Status: Apple and Microsoft are investigating this issue. We will post more information in this article when the information becomes available...
Workaround: To work around this issue, do not process Calendar items such as meeting requests on iOS 6.1 devices. Also, immediately restart the iOS 6.1 device...

:fear::fear:

AplusWebMaster
2013-02-20, 12:54
FYI...

iOS 6.1.2 Software Update
- https://support.apple.com/kb/DL1639
Feb 19, 2013 - "Fixes an Exchange calendar bug that could result in increased network activity and reduced battery life...
System Requirements: iPhone 3GS and later, iPad 2 and later, iPod touch 4th generation and later, iPhone 5 ..."

- http://support.microsoft.com/kb/2814847
Last Review: February 19, 2013 Revision: 15.0 - "... Resolution: Apple has posted the following article to address the issue:
- https://support.apple.com/kb/TS4532
Feb 19, 2013 - ... Resolution: To resolve this issue, update to iOS 6.1.2..."
___

iTunes 11.0.2 released
- https://support.apple.com/kb/DL1614
Feb 19, 2013

APPLE-SA-2013-02-19-1 Java for OS X 2013-001 and Mac OS X v10.6 Update 13
- http://prod.lists.apple.com/archives/security-announce/2013/Feb/msg00002.html
2013-02-19
- http://support.apple.com/kb/HT5666

:fear::fear:

AplusWebMaster
2013-02-20, 18:59
FYI...

Thunderbird 17.0.3 released
- https://www.mozilla.org/en-US/thunderbird/17.0.3/releasenotes
Feb 19, 2013

Automated Updates: https://support.mozillamessaging.com/en-US/kb/updating-thunderbird
Manual check: Go to >Help >About Thunderbird

Download
- https://www.mozilla.org/thunderbird/all.html

Security Advisories
- https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.3

- http://www.securitytracker.com/id/1028165
CVE Reference: CVE-2013-0765, CVE-2013-0772, CVE-2013-0773, CVE-2013-0774, CVE-2013-0775, CVE-2013-0776, CVE-2013-0777, CVE-2013-0778, CVE-2013-0779, CVE-2013-0780, CVE-2013-0781, CVE-2013-0782, CVE-2013-0783, CVE-2013-0784
Feb 20 2013
Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 17.0.3

:fear:

AplusWebMaster
2013-02-28, 12:03
FYI...

Amazon fixes its book deleting iTunes Kindle app update
- http://www.theinquirer.net/inquirer/news/2251231/amazon-fixes-its-book-deleting-itunes-kindle-app-update
Feb 28 2013 - "... Amazon has revisited the webpage and the update. Version 3.6.2* of the Kindle app for iOS includes both a fix for the registration issue and "Various Bug Fixes and Security Fixes"..."
* https://itunes.apple.com/us/app/kindle-read-books-ebooks-magazines/id302584613?mt=8
Updated: Feb 27, 2013
Version: 3.6.2
Size: 21.4 MB
What's New in Version 3.6.2
• Fix for Registration Issue
• Various Bug Fixes and Security Fixes...

:fear::sad:

AplusWebMaster
2013-03-03, 01:55
FYI...

Apple blocks older insecure versions of Flash...
- https://isc.sans.edu/diary.html?storyid=15316
Last Updated: 2013-03-02 18:23:36 - "Apple has recently stepped up its response to security issues involving 3rd party plug-ins. They have aggressively used its anti-malware tool sets to enforce minimum versions of Adobe Flash*, Oracle Java, and similar popular plug-ins..."
* https://support.apple.com/kb/ht5655
Mar 1, 2013 - "... When attempting to view Flash content in Safari, you may see this alert: "Blocked Plug-in"
Selecting it will display this alert:
'Adobe Flash Player' is out of date.
- Click 'Download Flash…' to have Safari open the Adobe Flash Player installer website.
- Download the latest Adobe Flash Player installer--click the "Download now" button.
- Open the downloaded disk image.
- Open the installer and follow the onscreen instructions...'"

- https://support.apple.com/kb/HT5660
Mar 1, 2013

:fear::fear:

AplusWebMaster
2013-03-05, 12:23
FYI...

APPLE-SA-2013-03-04-1: Apple Mac OS X update for Java
- https://secunia.com/advisories/52484/
Release Date: 2013-03-05
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference(s): CVE-2013-0809, CVE-2013-1493
For more information: https://secunia.com/SA52451/
Original Advisory: APPLE-SA-2013-03-04-1:
- http://support.apple.com/kb/HT5677
- http://prod.lists.apple.com/archives/security-announce/2013/Mar/index.html

- http://prod.lists.apple.com/archives/security-announce/2013/Mar/msg00000.html

:fear::fear:

AplusWebMaster
2013-03-14, 23:16
FYI...

Safari v6.0.3 released
- https://support.apple.com/kb/HT5671
14 Mar 2013
> http://prod.lists.apple.com/archives/security-announce/2013/Mar/msg00003.html

- https://secunia.com/advisories/52658/
Release Date: 2013-03-15
Criticality level: Highly critical
Impact: Cross Site Scripting, System access
Where: From remote ...
Solution: Update to version 6.0.3.

- http://www.securitytracker.com/id/1028292
CVE Reference: CVE-2013-0960, CVE-2013-0961
Mar 14 2013
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 6.0.3...
___

APPLE-SA-2013-03-14-1 OS X Mountain Lion v10.8.3 and Security Update 2013-001
- https://support.apple.com/kb/HT5672
14 Mar 2013
> http://prod.lists.apple.com/archives/security-announce/2013/Mar/msg00002.html

- http://prod.lists.apple.com/archives/security-announce/2013/Mar/index.html

- https://secunia.com/advisories/52643/
Release Date: 2013-03-15
Criticality level: Highly critical
Impact: Spoofing, Security Bypass, Exposure of system information, Exposure of sensitive information, Cross Site Scripting, System access
Where: From remote ...
Solution: Update to OS X Mountain Lion 10.8.3 or apply Security Update 2013-001.

- http://atlas.arbor.net/briefs/index#-1321171050
High Severity
March 15, 2013
Apple releases security patches for a variety of issues in OSX.
Analysis: Considering a typical attack on an end-user system, there are several issues that require attention, including: 1) a method for an attacker to launch a Java application even though Java may be disabled, 2) QuickTime security vulnerabilities in the handling of MP4 files, and 3) security issues in the way PDFKit handles certain malformed PDF documents. In addition to these issues there are multiple other issues that affect specific scenarios on a server install or issues that would open up the system to a local attack...

- http://www.securitytracker.com/id/1028294
CVE Reference: CVE-2013-0963, CVE-2013-0967, CVE-2013-0969, CVE-2013-0970, CVE-2013-0971, CVE-2013-0973, CVE-2013-0976
Updated: Mar 15 2013
Impact: Execution of arbitrary code via network, Modification of system information, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 10.6.x, 10.7.x, 10.8.x...

About the OS X Mountain Lion v10.8.3 Update
- https://support.apple.com/kb/HT5612
Mar 14, 2013

OS X Mountain Lion Update v10.8.3 (Combo)
- https://support.apple.com/kb/DL1640
Mar 14, 2013

Security Update 2013-001 (Snow Leopard)
- https://support.apple.com/kb/DL1642
Mar 14, 2013

Security Update 2013-001 (Lion)
- https://support.apple.com/kb/DL1643
Mar 14, 2013

:fear::fear:

AplusWebMaster
2013-03-20, 13:08
FYI...

APPLE-SA-2013-03-19-1 iOS 6.1.3
- http://prod.lists.apple.com/archives/security-announce/2013/Mar/msg00004.html
19 Mar 2013

- https://support.apple.com/kb/HT5704

- http://www.securitytracker.com/id/1028314
CVE Reference: CVE-2013-0977, CVE-2013-0978, CVE-2013-0979, CVE-2013-0981
Mar 19 2013
Impact: Disclosure of system information, Execution of arbitrary code via local system, Modification of system information, Root access via local system, User access via local system
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 6.1.3...
Impact: A local user can obtain elevated privileges on the target system.
Solution: The vendor has issued a fix (iOS 6.1.3) as part of APPLE-SA-2013-03-19-1 iOS 6.1.3.

- https://secunia.com/advisories/52173/
Last Update: 2013-03-20
Criticality level: Highly critical
Impact: Security Bypass, System access
Where: From remote...
Operating System: Apple iOS 6.x for iPhone 3GS and later, iPad 6.x, iPod touch 6.x
Solution: Apply iOS 6.1.3 Software Update.
___

APPLE-SA-2013-03-19-2 Apple TV 5.2.1
- http://prod.lists.apple.com/archives/security-announce/2013/Mar/msg00005.html
19 Mar 2013

- https://secunia.com/advisories/52685/
Release Date: 2013-03-20
CVE Reference(s): CVE-2013-0977, CVE-2013-0978, CVE-2013-0981
Impact: Security Bypass
Where: Local system
Solution: Update to version 5.2.1.
___

Apple changes iOS 6.1 VPN feature
- http://h-online.com/-1837018
8 April 2013

:fear:

AplusWebMaster
2013-03-20, 20:35
FYI...

Google Picasa 136.17 ...
- https://secunia.com/advisories/51652/
Release Date: 2013-03-20
Criticality level: Highly critical
Impact: System access
Where: From remote...
For more information: https://secunia.com/SA35515/
... vulnerabilities are confirmed in version 3.9.0 Build 136.09 for Windows and reported in versions prior to 3.9.0 Build 3.9.14.34 for Mac. Other versions may also be affected.
Solution: Update to a fixed version.
Original Advisory: http://support.google.com/picasa/answer/53209
Windows: Build 136.17 - March 14, 2012

:fear:

AplusWebMaster
2013-04-03, 15:39
FYI...

Thunderbird v17.0.5 released
- https://www.mozilla.org/en-US/thunderbird/17.0.5/releasenotes
April 2, 2013
FIXED - Security fixes* ...
FIXED - Adjusting font size when composing emails should be easier (Bug 824926)

Automated Updates: https://support.mozillamessaging.com/en-US/kb/updating-thunderbird
Manual check: Go to >Help >About Thunderbird

Download: https://www.mozilla.org/thunderbird/all.html

Fixed in Thunderbird 17.0.5
* https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.5
MFSA 2013-40 Out-of-bounds array read in CERT_DecodeCertPackage
MFSA 2013-38 Cross-site scripting (XSS) using timed history navigations
MFSA 2013-36 Bypass of SOW protections allows cloning of protected nodes
MFSA 2013-35 WebGL crash with Mesa graphics driver on Linux
MFSA 2013-34 Privilege escalation through Mozilla Updater
MFSA 2013-32 Privilege escalation through Mozilla Maintenance Service
MFSA 2013-31 Out-of-bounds write in Cairo library
MFSA 2013-30 Miscellaneous memory safety hazards (rv:20.0 / rv:17.0.5)

- http://www.securitytracker.com/id/1028382
CVE Reference: CVE-2013-0788, CVE-2013-0789, CVE-2013-0790, CVE-2013-0791, CVE-2013-0793, CVE-2013-0795, CVE-2013-0796, CVE-2013-0797, CVE-2013-0799, CVE-2013-0800
Apr 3 2013
Impact: Denial of service via network, Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via local system, Execution of arbitrary code via network, Modification of user information, User access via local system, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 17.0.5

:fear::fear:

AplusWebMaster
2013-04-17, 15:35
FYI...

Safari 6.0.4 released
- https://support.apple.com/kb/HT5701
Apr 16, 2013

- https://support.apple.com/kb/HT1222
___

- http://h-online.com/-1843736
17 April 2013

:fear:

AplusWebMaster
2013-05-09, 14:58
FYI...

Adblock Plus v2.2.4 released
- https://adblockplus.org/en/changelog-2.2.4
2013-05-08
• Fixed: Server names with a trailing dot were mistakenly treated as typos.
• Fixed a Firefox 22 compatibility issue (no colors/images in filters list and list of blockable items).

The Future of Facebook Ads (and how Adblock Plus will deal with them)
- https://adblockplus.org/blog/the-future-of-facebook-ads-and-how-adblock-plus-will-deal-with-them
2013-05-07

:fear:

AplusWebMaster
2013-05-15, 11:29
FYI...

Thunderbird v17.0.6 released
- https://www.mozilla.org/en-US/thunderbird/17.0.6/releasenotes
May 14, 2013

- https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.6
Fixed in Thunderbird 17.0.6
MFSA 2013-48 Memory corruption found using Address Sanitizer
MFSA 2013-47 Uninitialized functions in DOMSVGZoomEvent
MFSA 2013-46 Use-after-free with video and onresize event
MFSA 2013-44 Local privilege escalation through Mozilla Maintenance Service
MFSA 2013-42 Privileged access for content level constructor
MFSA 2013-41 Miscellaneous memory safety hazards (rv:21.0 / rv:17.0.6)

Automated Updates: https://support.mozillamessaging.com/en-US/kb/updating-thunderbird
Manual check: Go to >Help >About Thunderbird

Download: https://www.mozilla.org/thunderbird/all.html

- https://secunia.com/advisories/53443/
Release Date: 2013-05-15
Criticality level: Highly critical
Impact: Security Bypass, System access
Where: From remote ...
For more information: https://secunia.com/SA53400/
... vulnerabilities are reported in versions prior to 17.0.6.
Solution: Update to version 17.0.6.

- http://www.securitytracker.com/id/1028559
CVE Reference: CVE-2013-0801, CVE-2013-1669, CVE-2013-1670, CVE-2013-1672, CVE-2013-1674, CVE-2013-1675, CVE-2013-1676, CVE-2013-1677, CVE-2013-1678, CVE-2013-1679, CVE-2013-1680, CVE-2013-1681
May 14 2013
Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via local system, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 17.0.6

:fear:

AplusWebMaster
2013-05-17, 12:12
FYI...

iTunes 11.0.3 released
- https://support.apple.com/kb/HT5766
May 16, 2013

- http://prod.lists.apple.com/archives/security-announce/2013/May/msg00000.html
May 16, 2013

Use Apple Software Update
-or-
- https://www.apple.com/itunes/download/
iTunes 11.0.3 for Windows XP, Vista or Windows 7

- http://www.securitytracker.com/id/1028575
CVE Reference: CVE-2013-0879, CVE-2013-0991, CVE-2013-0992, CVE-2013-0993, CVE-2013-0994, CVE-2013-0995, CVE-2013-0996, CVE-2013-0997, CVE-2013-0998, CVE-2013-0999, CVE-2013-1000, CVE-2013-1001, CVE-2013-1002, CVE-2013-1003, CVE-2013-1004, CVE-2013-1005, CVE-2013-1006, CVE-2013-1007, CVE-2013-1008, CVE-2013-1010, CVE-2013-1011, CVE-2013-1014
May 16 2013
Impact: Execution of arbitrary code via network, Modification of authentication information, User access via network
Fix Available: Yes Vendor Confirmed: Yes ...
Impact: A remote user can execute arbitrary code on the target system.
A remote user can spoof digital certificates.
Solution: The vendor has issued a fix (11.0.3).

:fear: