Page 7 of 31 FirstFirst ... 3456789101117 ... LastLast
Results 61 to 70 of 306

Thread: Alerts

  1. #61
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Safari v6.0.3 / Security Update 2013-001

    FYI...

    Safari v6.0.3 released
    - https://support.apple.com/kb/HT5671
    14 Mar 2013
    > http://prod.lists.apple.com/archives.../msg00003.html

    - https://secunia.com/advisories/52658/
    Release Date: 2013-03-15
    Criticality level: Highly critical
    Impact: Cross Site Scripting, System access
    Where: From remote ...
    Solution: Update to version 6.0.3.

    - http://www.securitytracker.com/id/1028292
    CVE Reference: CVE-2013-0960, CVE-2013-0961
    Mar 14 2013
    Impact: Execution of arbitrary code via network, User access via network
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 6.0.3...
    ___

    APPLE-SA-2013-03-14-1 OS X Mountain Lion v10.8.3 and Security Update 2013-001
    - https://support.apple.com/kb/HT5672
    14 Mar 2013
    > http://prod.lists.apple.com/archives.../msg00002.html

    - http://prod.lists.apple.com/archives...Mar/index.html

    - https://secunia.com/advisories/52643/
    Release Date: 2013-03-15
    Criticality level: Highly critical
    Impact: Spoofing, Security Bypass, Exposure of system information, Exposure of sensitive, information, Cross Site Scripting, System access
    Where: From remote ...
    Solution: Update to OS X Mountain Lion 10.8.3 or apply Security Update 2013-001.

    - http://atlas.arbor.net/briefs/index#-1321171050
    High Severity
    March 15, 2013
    Apple releases security patches for a variety of issues in OSX.
    Analysis: Considering a typical attack on a end-user system, there are several issues that require attention to include: 1) A method for an attacker to launch a Java application even though Java may be disabled 2) Quicktime security vulnerabilities in the handling of MP4 files and 3) security issues in the way PDFKit handles certain malformed PDF documents. In addition to these issues there are multiple other issues that affect specific scenarios on a server install or issues that would open up the system to a local attack...

    - http://www.securitytracker.com/id/1028294
    CVE Reference: CVE-2013-0963, CVE-2013-0967, CVE-2013-0969, CVE-2013-0970, CVE-2013-0971, CVE-2013-0973, CVE-2013-0976
    Updated: Mar 15 2013
    Impact: Execution of arbitrary code via network, Modification of system information, User access via network
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): 10.6.x, 10.7.x, 10.8.x...

    About the OS X Mountain Lion v10.8.3 Update
    - https://support.apple.com/kb/HT5612
    Mar 14, 2013

    OS X Mountain Lion Update v10.8.3 (Combo)
    - https://support.apple.com/kb/DL1640
    Mar 14, 2013

    Security Update 2013-001 (Snow Leopard)
    - https://support.apple.com/kb/DL1642
    Mar 14, 2013

    Security Update 2013-001 (Lion)
    - https://support.apple.com/kb/DL1643
    Mar 14, 2013

    Last edited by AplusWebMaster; 2013-03-16 at 20:38.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #62
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation iOS 6.1.3 released

    FYI...

    APPLE-SA-2013-03-19-1 iOS 6.1.3
    - http://prod.lists.apple.com/archives.../msg00004.html
    19 Mar 2013

    - https://support.apple.com/kb/HT5704

    - http://www.securitytracker.com/id/1028314
    CVE Reference: CVE-2013-0977, CVE-2013-0978, CVE-2013-0979, CVE-2013-0981
    Mar 19 2013
    Impact: Disclosure of system information, Execution of arbitrary code via local system, Modification of system information, Root access via local system, User access via local system
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 6.1.3...
    Impact: A local user can obtain elevated privileges on the target system.
    Solution: The vendor has issued a fix (iOS 6.1.3) as part of APPLE-SA-2013-03-19-1 iOS 6.1.3.

    - https://secunia.com/advisories/52173/
    Last Update: 2013-03-20
    Criticality level: Highly critical
    Impact: Security Bypass, System access
    Where: From remote...
    Operating System: Apple iOS 6.x for iPhone 3GS and later, iPad 6.x, iPod touch 6.x
    Solution: Apply iOS 6.1.3 Software Update.
    ___

    APPLE-SA-2013-03-19-2 Apple TV 5.2.1
    - http://prod.lists.apple.com/archives.../msg00005.html
    19 Mar 2013

    - https://secunia.com/advisories/52685/
    Release Date: 2013-03-20
    CVE Reference(s): CVE-2013-0977, CVE-2013-0978, CVE-2013-0981
    Impact: Security Bypass
    Where: Local system
    Solution: Update to version 5.2.1.
    ___

    Apple changes iOS 6.1 VPN feature
    - http://h-online.com/-1837018
    8 April 2013

    Last edited by AplusWebMaster; 2013-04-08 at 18:44.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #63
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Google Picasa 136.17 ...

    FYI...

    Google Picasa 136.17 ...
    - https://secunia.com/advisories/51652/
    Release Date: 2013-03-20
    Criticality level: Highly critical
    Impact: System access
    Where: From remote...
    For more information: https://secunia.com/SA35515/
    ... vulnerabilities are confirmed in version 3.9.0 Build 136.09 for Windows and reported in versions prior to 3.9.0 Build 3.9.14.34 for Mac. Other versions may also be affected.
    Solution: Update to a fixed version.
    Original Advisory: http://support.google.com/picasa/answer/53209
    Windows: Build 136.17 - March 14, 2012

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #64
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Thunderbird v17.0.5 released

    FYI...

    Thunderbird v17.0.5 released
    - https://www.mozilla.org/en-US/thunde...5/releasenotes
    April 2, 2013
    FIXED - Security fixes* ...
    FIXED - Adjusting font size when composing emails should be easier (Bug 824926)

    Automated Updates: https://support.mozillamessaging.com...ng-thunderbird
    Manual check: Go to >Help >About Thunderbird

    Download: https://www.mozilla.org/thunderbird/all.html

    Fixed in Thunderbird 17.0.5
    * https://www.mozilla.org/security/kno...nderbird17.0.5
    MFSA 2013-40 Out-of-bounds array read in CERT_DecodeCertPackage
    MFSA 2013-38 Cross-site scripting (XSS) using timed history navigations
    MFSA 2013-36 Bypass of SOW protections allows cloning of protected nodes
    MFSA 2013-35 WebGL crash with Mesa graphics driver on Linux
    MFSA 2013-34 Privilege escalation through Mozilla Updater
    MFSA 2013-32 Privilege escalation through Mozilla Maintenance Service
    MFSA 2013-31 Out-of-bounds write in Cairo library
    MFSA 2013-30 Miscellaneous memory safety hazards (rv:20.0 / rv:17.0.5)

    - http://www.securitytracker.com/id/1028382
    CVE Reference: CVE-2013-0788, CVE-2013-0789, CVE-2013-0790, CVE-2013-0791, CVE-2013-0793, CVE-2013-0795, CVE-2013-0796, CVE-2013-0797, CVE-2013-0799, CVE-2013-0800
    Apr 3 2013
    Impact: Denial of service via network, Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via local system, Execution of arbitrary code via network, Modification of user information, User access via local system, User access via network
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 17.0.5

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #65
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Safari 6.0.4 released

    FYI...

    Safari 6.0.4 released
    - https://support.apple.com/kb/HT5701
    Apr 16, 2013

    - https://support.apple.com/kb/HT1222
    ___

    - http://h-online.com/-1843736
    17 April 2013

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #66
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Arrow Adblock Plus v2.2.4 released

    FYI...

    Adblock Plus v2.2.4 released
    - https://adblockplus.org/en/changelog-2.2.4
    2013-05-08
    Fixed: Server names with a trailing dot were mistakenly treated as typos.
    Fixed a Firefox 22 compatibility issue (no colors/imaages in filters list and list of blockable items).

    The Future of Facebook Ads (and how Adblock Plus will deal with them)
    - https://adblockplus.org/blog/the-fut...deal-with-them
    2013-05-07

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  7. #67
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Thunderbird v17.0.6 released

    FYI...

    Thunderbird v17.0.6 released
    - https://www.mozilla.org/en-US/thunde...6/releasenotes
    May 14, 2013

    - https://www.mozilla.org/security/kno...nderbird17.0.6
    Fixed in Thunderbird 17.0.6
    MFSA 2013-48 Memory corruption found using Address Sanitizer
    MFSA 2013-47 Uninitialized functions in DOMSVGZoomEvent
    MFSA 2013-46 Use-after-free with video and onresize event
    MFSA 2013-44 Local privilege escalation through Mozilla Maintenance Service
    MFSA 2013-42 Privileged access for content level constructor
    MFSA 2013-41 Miscellaneous memory safety hazards (rv:21.0 / rv:17.0.6)

    Automated Updates: https://support.mozillamessaging.com...ng-thunderbird
    Manual check: Go to >Help >About Thunderbird

    Download: https://www.mozilla.org/thunderbird/all.html

    - https://secunia.com/advisories/53443/
    Release Date: 2013-05-15
    Criticality level: Highly critical
    Impact: Security Bypass, System access
    Where: From remote ...
    For more information: https://secunia.com/SA53400/
    ... vulnerabilities are reported in versions prior to 17.0.6.
    Solution: Update to version 17.0.6.

    - http://www.securitytracker.com/id/1028559
    CVE Reference: CVE-2013-0801, CVE-2013-1669, CVE-2013-1670, CVE-2013-1672, CVE-2013-1674, CVE-2013-1675, CVE-2013-1676, CVE-2013-1677, CVE-2013-1678, CVE-2013-1679, CVE-2013-1680, CVE-2013-1681
    May 14 2013
    Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via local system, User access via network
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 17.0.6

    Last edited by AplusWebMaster; 2013-05-15 at 11:52.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  8. #68
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation iTunes 11.0.3 released

    FYI...

    iTunes 11.0.3 released
    - https://support.apple.com/kb/HT5766
    May 16, 2013

    - http://prod.lists.apple.com/archives.../msg00000.html
    May 16, 2013

    Use Apple Software Update
    -or-
    - https://www.apple.com/itunes/download/
    iTunes 11.0.3 for Windows XP, Vista or Windows 7

    - http://www.securitytracker.com/id/1028575
    CVE Reference: CVE-2013-0879, CVE-2013-0991, CVE-2013-0992, CVE-2013-0993, CVE-2013-0994, CVE-2013-0995, CVE-2013-0996, CVE-2013-0997, CVE-2013-0998, CVE-2013-0999, CVE-2013-1000, CVE-2013-1001, CVE-2013-1002, CVE-2013-1003, CVE-2013-1004, CVE-2013-1005, CVE-2013-1006, CVE-2013-1007, CVE-2013-1008, CVE-2013-1010, CVE-2013-1011, CVE-2013-1014
    May 16 2013
    Impact: Execution of arbitrary code via network, Modification of authentication information, User access via network
    Fix Available: Yes Vendor Confirmed: Yes ...
    Impact: A remote user can execute arbitrary code on the target system.
    A remote user can spoof digital certificates.
    Solution: The vendor has issued a fix (11.0.3).

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  9. #69
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation QuickTime 7.7.4 released

    FYI...

    QuickTime 7.7.4 released
    - https://support.apple.com/kb/HT5770
    May 22, 2013

    - https://support.apple.com/kb/HT1222

    > http://prod.lists.apple.com/archives.../msg00001.html
    ... QuickTime 7.7.4 may be obtained from the QuickTime Downloads site:
    http://www.apple.com/quicktime/download/
    -or-
    Use Apple Software Update.

    - https://secunia.com/advisories/53520/
    Release Date: 2013-05-23
    Criticality level: Highly critical
    Impact: System access
    Where: From remote...
    CVE Reference(s): CVE-2013-0986, CVE-2013-0987, CVE-2013-0988, CVE-2013-0989, CVE-2013-1015, CVE-2013-1016, CVE-2013-1017, CVE-2013-1018, CVE-2013-1019, CVE-2013-1020, CVE-2013-1021, CVE-2013-1022
    ... vulnerabilities are reported in versions prior to 7.7.4.
    Solution: Update to version 7.7.4.

    - http://www.securitytracker.com/id/1028589
    CVE Reference: CVE-2013-0986, CVE-2013-0987, CVE-2013-0988, CVE-2013-0989, CVE-2013-1015, CVE-2013-1016, CVE-2013-1017, CVE-2013-1018, CVE-2013-1019, CVE-2013-1020, CVE-2013-1021, CVE-2013-1022
    May 23 2013
    Impact: Execution of arbitrary code via network, User access via network
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 7.7.4 ...

    - http://h-online.com/-1868186
    23 May 2013

    Last edited by AplusWebMaster; 2013-05-23 at 21:56.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  10. #70
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation IrfanView FlashPix PlugIn FPX 4.36 released

    FYI...

    IrfanView FlashPix PlugIn FPX 4.36 released
    - https://secunia.com/advisories/53579/
    Release Date: 2013-05-30
    Criticality level: Highly critical
    Impact: System access
    Where: From remote...
    Software: IrfanView FlashPix PlugIn 4.x
    CVE Reference: CVE-2013-3486
    ... vulnerability is caused due to an integer overflow error within the Fpx.dll module...
    - http://www.irfanview.com/plugins.htm
    PlugIns updated after the version 4.35:
    FPX Plugin (4.36) - Installer or ZIP - Fixed loading of FPX (FlashPix) files (reported by Secunia)
    - http://www.irfanview.net/plugins/irf...plugin_fpx.exe

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •