Page 3 of 31 FirstFirst 123456713 ... LastLast
Results 21 to 30 of 306

Thread: Alerts

  1. #21
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Unhappy WordPress plugin advisories ...

    FYI...

    "WordPress Plugin" search results ...
    - https://secunia.com/advisories/searc...rdPress+Plugin
    Found: 415 Secunia Security Advisories ...
    Aug 31, 2012

    - http://nakedsecurity.sophos.com/2012...alware-attack/
    "... ensure that any software you run on your web server is also properly secured, and kept patched and current (that includes blogging software like WordPress and any plugins that it might use)."

    Last edited by AplusWebMaster; 2012-08-31 at 20:03.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #22
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Lightbulb Safari v6, Apple Xcode v4.4 released

    FYI...

    Safari v6 released
    - http://support.apple.com/kb/HT5400
    July 25, 2012
    > http://lists.apple.com/archives/secu.../msg00000.html
    APPLE-SA-2012-07-25-1 Safari 6.0

    - https://secunia.com/advisories/50058/
    Release Date: 2012-07-26
    Criticality level: Highly critical
    Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, System access
    Where: From remote...
    Solution: Upgrade to Safari version 6.0 via Apple Software Update.

    - http://www.securitytracker.com/id/1027307
    CVE Reference: CVE-2011-3016, CVE-2011-3021, CVE-2011-3027, CVE-2011-3913, CVE-2012-0678, CVE-2012-0679, CVE-2012-0680, CVE-2012-0682, CVE-2012-0683, CVE-2012-1520, CVE-2012-2815, CVE-2012-3589, CVE-2012-3590, CVE-2012-3591, CVE-2012-3592, CVE-2012-3593, CVE-2012-3594, CVE-2012-3595, CVE-2012-3596, CVE-2012-3597, CVE-2012-3599, CVE-2012-3600, CVE-2012-3603, CVE-2012-3604, CVE-2012-3605, CVE-2012-3608, CVE-2012-3609, CVE-2012-3610, CVE-2012-3611, CVE-2012-3615, CVE-2012-3618, CVE-2012-3620, CVE-2012-3625, CVE-2012-3626, CVE-2012-3627, CVE-2012-3628, CVE-2012-3629, CVE-2012-3630, CVE-2012-3631, CVE-2012-3633, CVE-2012-3634, CVE-2012-3635, CVE-2012-3636, CVE-2012-3637, CVE-2012-3638, CVE-2012-3639, CVE-2012-3640, CVE-2012-3641, CVE-2012-3642, CVE-2012-3644, CVE-2012-3645, CVE-2012-3646, CVE-2012-3650, CVE-2012-3653, CVE-2012-3655, CVE-2012-3656, CVE-2012-3661, CVE-2012-3663, CVE-2012-3664, CVE-2012-3665, CVE-2012-3666, CVE-2012-3667, CVE-2012-3668, CVE-2012-3669, CVE-2012-3670, CVE-2012-3674, CVE-2012-3678, CVE-2012-3679, CVE-2012-3680, CVE-2012-3681, CVE-2012-3682, CVE-2012-3683, CVE-2012-3686, CVE-2012-3689, CVE-2012-3690, CVE-2012-3691, CVE-2012-3693, CVE-2012-3694, CVE-2012-3695, CVE-2012-3696, CVE-2012-3697
    Jul 26 2012
    Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
    Version(s): prior to 6.0 ...
    ___

    Apple Xcode v4.4 released
    - https://secunia.com/advisories/50068/
    Release Date: 2012-07-26
    Impact: Hijacking, Security Bypass, Exposure of sensitive information
    Where: From remote
    CVE Reference(s): CVE-2011-3389, CVE-2012-3698
    ... weakness and the vulnerability are reported in versions prior to 4.4.
    Solution: Update to version 4.4 via the Apple Developer site or via the App Store.
    Original Advisory: APPLE-SA-2012-07-25-2:
    http://support.apple.com/kb/HT5416

    - http://www.securitytracker.com/id/1027302
    CVE Reference: CVE-2012-3698
    Jul 26 2012
    Impact: Disclosure of authentication information, Disclosure of user information
    Version(s): prior to 4.4

    - http://www.securitytracker.com/id/1027303
    CVE Reference: CVE-2011-3389
    Jul 26 2012
    Impact: Disclosure of user information
    Version(s): prior to 4.4

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #23
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation PHP v5.4.6, 5.3.16 released

    FYI...

    PHP v5.4.6, 5.3.16 released
    - http://www.php.net/
    16-Aug-2012 - "... immediate availability of PHP 5.4.6 and PHP 5.3.16. These releases fix over 20 bugs. All users of PHP are encouraged to upgrade..."

    Download
    - http://www.php.net/downloads.php

    ChangeLog
    - http://www.php.net/ChangeLog-5.php

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #24
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Arrow OpenOffice v3.4.1 released

    FYI...

    OpenOffice v3.4.1 released
    - https://blogs.apache.org/OOo/entry/a...penoffice_3_41
    Aug 23, 2012 - "... OpenOffice 3.4.1 can be downloaded now from http://www.openoffice.org/download/ or by going to the 'Help/Check for Updates' dialog within OpenOffice 3.4 or 3.3..."

    Release notes
    - http://www.openoffice.org/developmen...ses/3.4.1.html
    "... there were 69 verified issues that have been resolved..."
    (More detail at the URL above.)

    - http://h-online.com/-1674083
    23 August 2012
    ___

    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-2665 - 7.5 (HIGH)
    Last revised: 09/07/2012

    - http://www.openoffice.org/security/c...2012-2665.html
    Versions Affected:
    Apache OpenOffice 3.4.0, all languages, all platforms.
    Earlier versions of OpenOffice.org may be also affected.
    ... upgrade to Apache OpenOffice 3.4.1...

    - https://secunia.com/advisories/50438/
    Release Date: 2012-08-28
    Criticality level: Highly critical
    Solution: Update to version 3.4.1.

    Last edited by AplusWebMaster; 2012-09-24 at 19:47.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #25
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Post Thunderbird v15.0 released

    FYI...

    Thunderbird v15.0 released
    - https://www.mozilla.org/en-US/thunde...0/releasenotes
    August 28, 2012 ... See Known Issues

    Security Advisories
    - https://www.mozilla.org/security/kno...#thunderbird15
    Fixed in Thunderbird 15 ...

    Bugs fixed
    - https://www.mozilla.org/en-US/thunde...s/buglist.html

    Download
    - https://www.mozilla.org/thunderbird/all.html
    ___

    - http://www.securitytracker.com/id/1027452
    CVE Reference: CVE-2012-1956, CVE-2012-1970, CVE-2012-1971, CVE-2012-1972, CVE-2012-1973, CVE-2012-1974, CVE-2012-1975, CVE-2012-1976, CVE-2012-3956, CVE-2012-3957, CVE-2012-3958, CVE-2012-3959, CVE-2012-3960, CVE-2012-3961, CVE-2012-3962, CVE-2012-3963, CVE-2012-3964, CVE-2012-3966, CVE-2012-3967, CVE-2012-3968, CVE-2012-3969, CVE-2012-3970, CVE-2012-3971, CVE-2012-3972, CVE-2012-3974, CVE-2012-3975, CVE-2012-3978, CVE-2012-3980
    Aug 29 2012
    Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
    Version(s): prior to ESR 10.0.7; prior to 15.0

    - https://secunia.com/advisories/50308/
    Release Date: 2012-08-29
    Criticality level: Highly critical
    Impact: Cross Site Scripting, Spoofing, Exposure of sensitive information, System access
    Where: From remote...
    For more information: https://secunia.com/SA50088/
    Solution: Upgrade to version 15...
    ___

    - http://h-online.com/-1677823
    29 August 2012

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #26
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Apple/Java v1.6.0_35

    FYI...

    Apple/Java v1.6.0_35
    - https://support.apple.com/kb/HT5473
    Sep 05, 2012
    Java for OS X 2012-005 and Java for Mac OS X 10.6 Update 10
    Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion v10.8 or later
    Description: An opportunity for security-in-depth hardening is addressed by updating to Java version 1.6.0_35. Further information is available via the Java website at
    http://www.oracle.com/technetwork/to...1-1835715.html
    CVE-ID: CVE-2012-0547

    - https://support.apple.com/kb/HT1338

    APPLE-SA-2012-09-05-1 Java for OS X 2012-005 and Java for Mac OS X 10.6 Update 10
    - http://lists.apple.com/archives/secu.../msg00000.html
    Sep 05, 2012
    ___

    - https://secunia.com/advisories/50545/
    Release Date: 2012-09-06
    Criticality level: Highly critical
    Impact: System access
    Where: From remote
    CVE Reference(s): CVE-2012-0547, CVE-2012-4681
    ... For more information see: https://secunia.com/SA50133/
    Original Advisory: APPLE-SA-2012-09-05-1:
    http://lists.apple.com/archives/secu.../msg00000.html

    Last edited by AplusWebMaster; 2012-09-06 at 19:53.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  7. #27
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation WordPress v3.4.2 released

    FYI...

    WordPress v3.4.2 released
    - http://wordpress.org/download/
    September 6, 2012 - "The latest stable release of WordPress (Version 3.4.2) is available..."

    WordPress 3.4.2 Maintenance and Security Release
    - https://wordpress.org/news/2012/09/wordpress-3-4-2/
    September 6, 2012 - "WordPress 3.4.2, now available for download, is a maintenance and security release for all previous versions... we’ve identified and fixed a number of nagging bugs, including:
    • Fix some issues with older browsers in the administration area.
    • Fix an issue where a theme may not preview correctly, or its screenshot may not be displayed.
    • Improve plugin compatibility with the visual editor.
    • Address pagination problems with some category permalink structures.
    • Avoid errors with both oEmbed providers and trackbacks.
    • Prevent improperly sized header images from being uploaded.
    Version 3.4.2 also fixes a few security issues and contains some security hardening...

    - https://secunia.com/advisories/50515/
    Release Date: 2012-09-07
    Impact: Unknown, Security Bypass
    Where: From remote
    ... security issue and vulnerability are reported in versions prior to 3.4.2.
    Solution: Update to version 3.4.2.
    Original Advisory: http://wordpress.org/news/2012/09/wordpress-3-4-2/

    - http://h-online.com/-1702501
    7 Sep 2012
    ___

    "WordPress Plugin" search results ...
    - https://secunia.com/advisories/searc...rdPress+Plugin
    Found: 432 Secunia Security Advisories ...
    Oct 15, 2012

    Last edited by AplusWebMaster; 2012-10-16 at 00:21.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  8. #28
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation iTunes v10.7 released

    FYI...

    Apple iTunes v10.7 released
    - https://secunia.com/advisories/50618/
    Release Date: 2012-09-13
    Criticality level: Highly critical
    Impact: System access
    Where: From remote
    ... vulnerabilities are reported in versions prior to 10.7.
    Solution: Update to version 10.7.
    Original Advisory: APPLE-SA-2012-09-12-1:
    http://lists.apple.com/archives/secu.../msg00001.html

    - http://www.securitytracker.com/id/1027525
    CVE Reference: CVE-2012-2817, CVE-2012-2818, CVE-2012-2829, CVE-2012-2831, CVE-2012-3601, CVE-2012-3602, CVE-2012-3606, CVE-2012-3607, CVE-2012-3612, CVE-2012-3613, CVE-2012-3614, CVE-2012-3616, CVE-2012-3617, CVE-2012-3621, CVE-2012-3622, CVE-2012-3623, CVE-2012-3624, CVE-2012-3632, CVE-2012-3643, CVE-2012-3647, CVE-2012-3648, CVE-2012-3649, CVE-2012-3651, CVE-2012-3652, CVE-2012-3654, CVE-2012-3657, CVE-2012-3658, CVE-2012-3659, CVE-2012-3660, CVE-2012-3671, CVE-2012-3672, CVE-2012-3673, CVE-2012-3675, CVE-2012-3676, CVE-2012-3677, CVE-2012-3684, CVE-2012-3685, CVE-2012-3687, CVE-2012-3688, CVE-2012-3692, CVE-2012-3699, CVE-2012-3700, CVE-2012-3701, CVE-2012-3702, CVE-2012-3703, CVE-2012-3704, CVE-2012-3705, CVE-2012-3706, CVE-2012-3707, CVE-2012-3708, CVE-2012-3709, CVE-2012-3710, CVE-2012-3711, CVE-2012-3712
    Sep 13 2012
    Impact: Execution of arbitrary code via network, User access via network
    Version(s): prior to 10.7

    - https://support.apple.com/kb/HT5485
    Sep 12, 2012
    ___

    163 security holes in iTunes
    - http://h-online.com/-1706849
    13 Sep 2012

    Last edited by AplusWebMaster; 2012-09-13 at 17:56.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  9. #29
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Lightbulb iOS 6 released

    FYI...

    iOS 6 released
    APPLE-SA-2012-09-19-1 iOS 6
    - http://lists.apple.com/archives/secu.../msg00003.html
    19 Sep 2012
    "iOS 6 is now available...
    Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later..."

    - https://support.apple.com/kb/HT5503
    "... can be downloaded and installed using iTunes*..."
    * https://support.apple.com/kb/ht1414

    - https://secunia.com/advisories/50586/
    Release Date: 2012-09-20
    Criticality level: Highly critical
    Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of system information, Exposure of sensitive information, Privilege escalation, System access
    Where: From remote ...
    Solution: Upgrade to iOS 6 via Software Update.

    - http://www.securitytracker.com/id/1027552
    CVE Reference: CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-4599, CVE-2012-3724, CVE-2012-3725, CVE-2012-3726, CVE-2012-3727, CVE-2012-3728, CVE-2012-3729, CVE-2012-3730, CVE-2012-3731, CVE-2012-3732, CVE-2012-3733, CVE-2012-3734, CVE-2012-3735, CVE-2012-3736, CVE-2012-3737, CVE-2012-3738, CVE-2012-3739, CVE-2012-3740, CVE-2012-3741, CVE-2012-3742, CVE-2012-3743, CVE-2012-3744, CVE-2012-3745, CVE-2012-3746, CVE-2012-3747
    Sep 20 2012
    Impact: Disclosure of system information, Execution of arbitrary code via local system, Execution of arbitrary code via network, Root access via local system, User access via local system, User access via network...
    Solution: The vendor has issued a fix (6.0).
    ___

    - http://h-online.com/-1713012
    20 Sep 2012

    - https://isc.sans.edu/diary.html?storyid=14128
    "iOS6 released: a few CVEs addresses, breaks mapping."

    Last edited by AplusWebMaster; 2012-09-20 at 16:33.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  10. #30
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Safari v6.0.1 / Mac OS X Security Update 2012-004

    FYI...

    Apple security updates
    - https://support.apple.com/kb/HT1222
    3x - 19 Sept 2012
    ___

    Safari v6.0.1 for Mac OS X
    - https://secunia.com/advisories/50577/
    Release Date: 2012-09-20
    Criticality level: Highly critical
    Impact: Security Bypass, Exposure of sensitive information, System access
    Where: From remote...
    Solution: Update to version 6.0.1...
    Original Advisory: Apple:
    http://support.apple.com/kb/HT5502

    > http://lists.apple.com/archives/secu.../msg00005.html
    APPLE-SA-2012-09-19-3 Safari 6.0.1
    Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8 and v10.8.1

    - http://www.securitytracker.com/id/1027550
    CVE Reference: CVE-2012-3713, CVE-2012-3714, CVE-2012-3715, CVE-2012-3598
    Date: Sep 20 2012
    Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
    Version(s): prior to 6.0.1
    ___

    Mac OS X multiple vulns - Security Update 2012-004
    - https://secunia.com/advisories/50628/
    Release Date: 2012-09-20
    Criticality level: Highly critical
    Impact: Security Bypass, Exposure of sensitive information, Privilege escalation, DoS, System access
    Where: From remote...
    Solution: Update to version 10.8.2 or 10.7.5 or apply Security Update 2012-004.

    - http://lists.apple.com/archives/secu.../msg00004.html
    APPLE-SA-2012-09-19-2 OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004

    - http://www.securitytracker.com/id/1027551
    CVE Reference: CVE-2012-0650, CVE-2012-3716, CVE-2012-3718, CVE-2012-3719, CVE-2012-3720, CVE-2012-3721, CVE-2012-3722, CVE-2012-3723
    Sep 20 2012
    Impact: Denial of service via network, Disclosure of authentication information, Execution of arbitrary code via local system, Execution of arbitrary code via network, User access via local system, User access via network
    ... vendor's advisory is available at:
    http://support.apple.com/kb/HT5501

    Last edited by AplusWebMaster; 2012-09-20 at 16:56.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •