Alerts

AplusWebMaster

FYI...

Thunderbird v12.0 released
- https://www.mozilla.org/en-US/thunderbird/12.0/releasenotes
April 24, 2012 ... See Known Issues

Security Advisories
- https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird12
Fixed in Thunderbird 12
MFSA 2012-33 Potential site identity spoofing when loading RSS and Atom feeds
MFSA 2012-32 HTTP Redirections and remote content can be read by javascript errors
MFSA 2012-31 Off-by-one error in OpenType Sanitizer
MFSA 2012-30 Crash with WebGL content using textImage2D
MFSA 2012-29 Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
MFSA 2012-28 Ambiguous IPv6 in Origin headers may bypass webserver access restrictions
MFSA 2012-27 Page load short-circuit can lead to XSS
MFSA 2012-26 WebGL.drawElements may read illegal video memory due to FindMaxUshortElement error
MFSA 2012-25 Potential memory corruption during font rendering using cairo-dwrite
MFSA 2012-24 Potential XSS via multibyte content processing errors
MFSA 2012-23 Invalid frees causes heap corruption in gfxImageSurface
MFSA 2012-22 use-after-free in IDBKeyRange
MFSA 2012-20 Miscellaneous memory safety hazards (rv:12.0/ rv:10.0.4)

Bugs fixed
- https://www.mozilla.org/en-US/thunderbird/12.0/releasenotes/buglist.html

Download
- https://www.mozilla.org/thunderbird/all.html
___

- https://secunia.com/advisories/48932/
Release Date: 2012-04-25
Criticality level: Highly critical
Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of system information, Exposure of sensitive information, System access
Where: From remote...
Solution: Upgrade to Firefox version 12.0 and Thunderbird version 12.0...

- http://www.securitytracker.com/id/1026973
Date: Apr 24 2012
CVE Reference: CVE-2011-1187, CVE-2012-0467, CVE-2012-0468, CVE-2012-0469, CVE-2012-0470, CVE-2012-0471, CVE-2012-0472, CVE-2012-0473, CVE-2012-0474, CVE-2012-0475, CVE-2012-0477, CVE-2012-0478, CVE-2012-0479
Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of system information, Modification of user information, User access via network
Version(s): prior to 12.0...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can access the target user's cookies (including authentication cookies), if any, associated with a target site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
A remote user can spoof certain web sites.
A remote user can obtain potentially sensitive information...

:fear:
 
Internet Security Threat report for 2011

FYI...

ISTR report for 2011
- https://secure.marketwatch.com/stor...cious-attacks-2012-04-30?reflink=MW_news_stmp
April 30, 2012 - "... while the number of vulnerabilities decreased by 20 percent, the number of malicious attacks continued to skyrocket by 81 percent. In addition, the report* highlights that advanced targeted attacks are spreading to organizations of all sizes and variety of personnel, data breaches are increasing, and that attackers are focusing on mobile threats... Symantec blocked more than 5.5 billion malicious attacks in 2011, an increase of 81 percent over the previous year. In addition, the number of unique malware variants increased to 403 million and the number of Web attacks blocked per day increased by 36 percent... Targeted attacks are growing, with the number of daily targeted attacks increasing from 77 per day to 82 per day by the end of 2011. Targeted attacks use social engineering and customized malware to gain unauthorized access to sensitive information. These advanced attacks have traditionally focused on public sector and government; however, in 2011, targeted attacks diversified. Targeted attacks are no longer limited to large organizations. More than 50 percent of such attacks target organizations with fewer than 2,500 employees, and almost 18 percent target companies with fewer than 250 employees... As tablets and smartphones continue to outsell PCs, more sensitive information will be available on mobile devices. Workers are bringing their smartphones and tablets into the corporate environment faster than many organizations are able to secure and manage them. This may lead to an increase in data breaches as lost mobile devices present risks to information if not properly protected. Recent research by Symantec shows that 50 percent of lost phones will not be returned and 96 percent (including those returned) will experience a data breach... Mobile vulnerabilities increased by 93 percent in 2011. At the same time, there was a rise in threats targeting the Android operating system. 
With the number of vulnerabilities in the mobile space rising and malware authors not only reinventing existing malware for mobile devices, but creating mobile-specific malware geared to the unique mobile opportunities, 2011 was the first year that mobile malware presented a tangible threat to businesses and consumers..."
* http://www.symantec.com/threatreport/topic.jsp?id=threatreport&aid=executive_summary

:sad: :fear: :mad:
 
Samba v3.4.17, 3.5.15, 3.6.5 released

FYI...

Samba v3.4.17, 3.5.15, 3.6.5 released
- http://www.securitytracker.com/id/1026988
Date: Apr 30 2012
CVE Reference: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2111 - 6.5
Impact: Modification of user information, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 3.4.x - 3.6.4
Description: ... A remote authenticated user can modify user privileges on the target system...
Solution: The vendor has issued a fix (3.4.17, 3.5.15, 3.6.5).
The vendor's advisory is available at:
http://www.samba.org/samba/security/CVE-2012-2111
"... Patches addressing this issue have been posted to:
- https://www.samba.org/samba/history/security.html
Additionally, Samba 3.6.5, Samba 3.5.15 and 3.4.17 have been issued as security releases to correct the defect. Patches against older Samba versions are available at:
- http://samba.org/samba/patches/
Samba administrators running affected versions are advised to upgrade to 3.6.5, 3.5.15, or 3.4.17 or apply these patches as soon as possible"...

- https://secunia.com/advisories/48976/
Release Date: 2012-05-01
CVE Reference(s): http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2111 - 6.5
... caused due to improper application of security checks in the CreateAccount, OpenAccount, AddAccountRights, and RemoveAccountRights remote procedure calls (RPC) within the Local Security Authority (LSA). This can be exploited to gain "take ownership" privileges and e.g. change the ownership of arbitrary files and directories on the smbd file server.
... reported in versions 3.4.x through 3.6.4.
Solution: Apply patch or update to version 3.4.17, 3.5.15, and 3.6.5.
Original Advisory:
- http://www.samba.org/samba/security/CVE-2012-2111

:fear::spider:
 
Apple patching practices ...

FYI...

Apple patching practices ...
- http://atlas.arbor.net/briefs/index#-1272909644
30 Apr 2012 - OSX anti-malware site provides resources of value... link to a recent Flashback trojan analysis by DrWeb*.
Source: http://macviruscom.wordpress.com/2012/04/29/flashback-drweb-analysis-and-apple-patching-practice/

- http://nakedsecurity.sophos.com/2012/04/27/python-malware-mac/
April 27, 2012

* http://news.drweb.com/?i=2410&c=5&lng=en&p=0
April 27, 2012
> https://www.zdnet.com/blog/bott/fla...big-gaps-in-apple-security-response/4904?pg=2
April 29, 2012 - "... left to their own devices, many users will simply postpone those updates by clicking the 'Not Now' or 'Install Later' button. They see updates as an annoyance that will mean they can’t use their Mac for 10 minutes to a half-hour... roughly 1 out of every 4 Snow Leopard users are at least six months behind in terms of applying major software updates. Nearly 15% are more than a year behind, meaning they have skipped at least two major OS X updates and are easy prey for any exploit that targets security holes that were fixed in those updates... If (Apple) talks to the press in an effort to reach owners of Macs who aren’t aware they’ve been infected, they risk puncturing the 'Macs don’t get viruses' image they’ve cultivated through the years. So the company has chosen to remain silent, which is shameful..."

These guys know it - and so do the Hacks.

Free Mac anti-virus for home users
> http://www.sophos.com/freemacav
> https://www.avira.com/en/avira-free-mac-security
___

New Malware Found Exploiting Mac OS X Snow Leopard
- https://threatpost.com/en_us/blogs/new-malware-found-exploiting-mac-os-x-snow-leopard-050212
May 2, 2012 - "... with Lion, that specific memory address can't be written, so the exploit fails. We can assume that this malware itself is targeting only Snow Leopard or lower versions of Mac OSX. That means the attacker had knowledge about the target environment beforehand. That includes the target operating system, application patch levels, etc..."

:sad::mad:
 
Sumatra PDF v2.1.1 released

FYI...

Sumatra PDF reader v2.1.1 released
- http://blog.kowalczyk.info/software/sumatrapdf/download-free-pdf-viewer.html
2012-05-07

Version history
- http://blog.kowalczyk.info/software/sumatrapdf/news.html
Changes in this release: fixes for a few crashes
___

Sumatra PDF reader v2.1 released
- http://blog.kowalczyk.info/software/sumatrapdf/download-free-pdf-viewer.html
2012-05-03

What's new
- http://blog.kowalczyk.info/software/sumatrapdf/news.html
Changes in this release:
> support for EPUB ebook format
> added File/Rename menu item to rename currently viewed file (contributed by Vasily Fomin)
> support multi-page TIFF files
> support TGA images
> support for some comic book (CBZ) metadata
> support JPEG XR images (available on Windows Vista or later, for Windows XP the Windows Imaging Component has to be installed)
> the installer is now signed

:fear:
 
Apple iOS 5.1.1 update for iPod, iPhone, iPad

FYI...

Apple iOS 5.1.1 update for iPod, iPhone, iPad
- https://isc.sans.edu/diary.html?storyid=13144
Last Updated: 2012-05-07 20:29:40 UTC - "... only available through iTunes. The updates address Safari and WebKit for iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2... the update is available through iTunes."

- http://support.apple.com/kb/HT5278
May 07, 2012
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3046 - 10.0 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3056 - 7.5 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0672 - 6.8
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0674 - 4.3

- http://support.apple.com/kb/DL1521
Version: 5.1.1 - May 07, 2012
System Requirements: iPhone 4S, iPhone 4, iPhone 3GS, iPad 2, iPad, iPod touch (4th generation), iPod touch (3rd generation)

Apple patches serious security holes in iOS devices
- http://atlas.arbor.net/briefs/index#-480279256
Severity: Elevated Severity
Published: Monday, May 07, 2012
New patches provide protection for recent security holes in iOS.
Analysis: Some of these security holes were used in "hacking contests" such as pwn2own. It is likely that others are aware of the security holes, especially now that patches have been released and are surely being analyzed by attackers to spot the vulnerabilities. Considering the hot trends in mobile attacks, users are encouraged to deploy these updates as soon as possible.
Source: https://www.zdnet.com/blog/security/apple-patches-serious-security-holes-in-ios-devices/11983?utm

- http://h-online.com/-1569932
8 May 2012

- http://nakedsecurity.sophos.com/201...-1-update-fixes-some-serious-vulnerabilities/
May 8, 2012

- http://www.securitytracker.com/id/1027028
CVE Reference: CVE-2012-0672, CVE-2012-0674
Date: May 7 2012
Impact: Execution of arbitrary code via network, Modification of system information, User access via network
Version(s): prior to 5.1.1; iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2
Description: Two vulnerabilities were reported in Apple iOS. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can spoof the address bar URL...

:fear:
 
OpenOffice v3.4 released

FYI...

Apache OpenOffice v3.4 released
- http://www.openoffice.org/news/aoo34.html
8 May 2012 — "The Apache OpenOffice Project today announced the availability of Apache OpenOffice 3.4, the first release of OpenOffice under the governance of the Apache Software Foundation. Apache OpenOffice is the original open source office productivity suite, designed for professional and consumer use... Apache OpenOffice is the leading open source office productivity suite, with more than 100 million users worldwide in home, corporate, government, research, and academic environments, across 15 languages. Apache OpenOffice 3.4 is available for download* free of charge. OpenOffice 3.4 features:
• word processing, spreadsheets, presentation graphics, databases, drawing, and mathematical editing applications support for Windows, Linux (32-bit and 64-bit) and Macintosh operating environments
• native language support for English, Arabic, Czech, German, Spanish, French, Galician, Hungarian, Italian, Japanese, Dutch, Russian, Brazilian Portuguese, Simplified Chinese, and Traditional Chinese
• improved ODF support, including new ODF 1.2 encryption options and new spreadsheet functions
• enhanced pivot table support in Calc
• enhanced graphics, including line caps, shear transformations and native support for Scalable Vector Graphics (SVG)
• improvements in performance and quality
The complete list of new features, functions, and improvements is available in the Release Notes..."

* Download: http://download.openoffice.org/

Release notes: https://cwiki.apache.org/confluence/display/OOOUSERS/AOO+3.4+Release+Notes
___

- https://secunia.com/advisories/46992/
Release Date: 2012-05-17
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference(s): CVE-2012-1149, CVE-2012-2149
Solution: Update to version 3.4.
Original Advisory:
http://www.openoffice.org/security/cves/CVE-2012-1149.html
http://www.openoffice.org/security/cves/CVE-2012-2149.html

- http://www.securitytracker.com/id/1027068
CVE Reference: CVE-2012-1149
Updated: May 16 2012

- http://www.securitytracker.com/id/1027069
CVE Reference: CVE-2012-2149
May 16 2012

- http://www.securitytracker.com/id/1027070
CVE Reference: CVE-2012-2334
Date: May 16 2012
Solution: The vendor has issued a fix (3.4).
> http://www.openoffice.org/security/cves/CVE-2012-2334.html

:fear::fear:
 
Apple - multiple updates released

FYI...

Apple Security Update 2012-002 - OS X Lion v10.7.4
Released for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
- http://support.apple.com/kb/HT5281
May 09, 2012

- http://support.apple.com/kb/HT5167

Related: http://support.apple.com/kb/TS4272

- http://www.securitytracker.com/id/1027054
CVE Reference: CVE-2012-0649, CVE-2012-0651, CVE-2012-0654, CVE-2012-0655, CVE-2012-0656, CVE-2012-0657, CVE-2012-0658, CVE-2012-0659, CVE-2012-0660, CVE-2012-0661, CVE-2012-0662, CVE-2012-0675
Date: May 10 2012
Impact: Disclosure of system information, Execution of arbitrary code via network, User access via local system, User access via network
Version(s): 10.6.8, 10.7.3
Solution: The vendor has issued a fix (OS X Lion v10.7.4 and Security Update 2012-002), available from the Software Update pane in System Preferences, or Apple's Software Downloads web site at:
http://www.apple.com/support/downloads/
___

Safari 5.1.7
- http://support.apple.com/kb/HT5282
May 09, 2012

- http://support.apple.com/kb/DL1531

- http://support.apple.com/kb/HT5271

- https://secunia.com/advisories/47292/
Release Date: 2012-05-10
Criticality level: Highly critical
CVE Reference(s):
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3046 - 10.0 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3056 - 7.5 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0672 - 6.8
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0676 - 5.0
Impact: Security Bypass, Cross Site Scripting, System access
Where: From remote
... vulnerabilities are reported in versions prior to 5.1.7.
Solution: Update to version 5.1.7

- http://www.securitytracker.com/id/1027053
Date: May 10 2012
Impact: Modification of user information
Version(s): prior to 5.1.7
... The vendor's advisory is available at:
http://support.apple.com/kb/HT1222
___

Apple closes numerous holes in Mac OS X and Safari
- http://atlas.arbor.net/briefs/
Severity: Elevated Severity
Published: Friday, May 11, 2012
Now that malware authors are paying more attention to the OS X platform, keeping current on updates is going to become more important. This patch also fixes the recent plaintext password leakage issue.
Analysis: The Flashback trojan infected and still infects a substantial number of OS X systems. Imagine for a moment that they decided to take advantage of one of these security flaws - the password leakage issue with older versions of filevault - and compromised many passwords. Some of those passwords are bound to be re-used elsewhere, which could lead an attacker deeper into an enterprise. Creative and dedicated attackers will use any possible method to further their campaigns. This is just one scenario. Recent events show us that OS X is a viable target for criminals therefore patches need to be deployed in a timely manner to reduce risks.
Source: http://h-online.com/-1572174

.
 
Apple 2012-003 Security Update for Leopard

FYI...

Apple 2012-003 Security Update for Leopard
- https://support.apple.com/kb/DL1533
May 14, 2012

- http://support.apple.com/kb/HT5271
"... Out-of-date versions of Adobe Flash Player do not include the latest security updates and will be disabled to help keep your Mac secure. If Safari 5.1.7 or Leopard Security Update 2012-003 detects an out-of-date version of Flash Player on your system, you will see a dialog informing you that Flash Player has been disabled. The dialog provides the option to go directly to Adobe's website, where you can download and install an updated version of Flash Player..."

- http://support.apple.com/kb/HT1222

- http://lists.apple.com/archives/security-announce/2012/May/msg00004.html
___

APPLE-SA-2012-05-14-1 Flashback Removal Security Update
- http://lists.apple.com/archives/security-announce/2012/May/msg00003.html
14 May 2012

- http://support.apple.com/downloads/

Flashback removal tool - for Mac OS X 10.5 Leopard
- http://h-online.com/-1575554
15 May 2012

.
 
QuickTime v7.7.2 released

FYI...

QuickTime v7.7.2 released
- https://secunia.com/advisories/47447/
Release Date: 2012-05-16
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference: CVE-2011-3458, CVE-2011-3459, CVE-2011-3460, CVE-2012-0265, CVE-2012-0663, CVE-2012-0664, CVE-2012-0665, CVE-2012-0666, CVE-2012-0667, CVE-2012-0668, CVE-2012-0669, CVE-2012-0670, CVE-2012-0671
... vulnerabilities are reported in versions prior to 7.7.2.
Solution: Update to version 7.7.2.
Original Advisory: Apple (APPLE-SA-2012-05-15-1):
http://lists.apple.com/archives/security-announce/2012/May/msg00005.html
Download:
- http://www.apple.com/quicktime/download/
-or-
Use Apple Software Update.

- http://support.apple.com/kb/HT5261
May 15, 2012

- http://www.securitytracker.com/id/1027065
May 16 2012
Impact: Execution of arbitrary code via network, User access via network
Version(s): prior to 7.7.2
Description: Multiple vulnerabilities were reported in Apple QuickTime. A remote user can cause arbitrary code to be executed on the target user's system.
A remote user can create a specially crafted file that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.
Only Windows-based systems are affected...

:fear::fear:
 
PHP v5.4.3 remote exploit PoC in the wild

FYI...

PHP v5.4.3 - PoC remote exploit in the wild
- https://isc.sans.edu/diary.html?storyid=13255
Last Updated: 2012-05-19 - "There is a remote exploit in the wild for PHP 5.4.3 in Windows, which takes advantage of a vulnerability in the com_print_typeinfo function. The php engine needs to execute the malicious code, which can include any shellcode like the ones that bind a shell to a port. Since there is no patch available for this vulnerability yet, you might want to do the following:
• Block any file upload function in your php applications to avoid risks of exploit code execution.
• Use your IPS to filter known shellcodes like the ones included in metasploit.
• Keep PHP in the current available version, so you can know that you are not a possible target for any other vulnerability like CVE-2012-2336* registered at the beginning of the month.
• Use your HIPS to block any possible buffer overflow in your system."
* http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2336

> Last: http://www.php.net/archive/2012.php#id2012-05-08-1

PHP 5.4 (5.4.3) Code Execution (Win32)
> http://www.exploit-db.com/exploits/18861/
___

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2376 - 10.0 (HIGH)

:fear::fear::spider:
 
IrfanView plugins updated - v4.34 released

FYI...

IrfanView plugins updated - v4.34 released

- https://secunia.com/advisories/49204/
Release Date: 2012-05-31
Criticality level: Highly critical
Impact: System access
Where: From remote
... vulnerability is confirmed in version 4.33. Other versions may also be affected.
Solution: Apply ECW PlugIn patch version 4.34*
___

- http://www.irfanview.com/plugins.htm
PlugIns updated -after- the version 4.33:

FPX/FlashPix PlugIn (4.34): Installer or ZIP - FPX-Library loading bug fixed:
http://www.irfanview.net/plugins/irfanview_plugin_fpx.exe
* ECW PlugIn (Third party, 3.1.0.350 - 4.34): Installer or ZIP - Some loading bugs fixed:
http://www.irfanview.net/plugins/irfanview_plugin_ecw.exe
XCF PlugIn (1.08): Installer or ZIP - Some loading bugs fixed:
http://www.irfanview.net/plugins/irfanview_plugin_xcf.exe

- https://secunia.com/advisories/49319/
Release Date: 2012-06-01
Criticality level: Moderately critical
Impact: System access
Where: From remote...
Solution: Apply Formats PlugIn patch version 4.34...
- http://www.irfanview.com/plugins.htm
FORMATS PlugIn (4.34): TTF loading bug fixed...
- http://www.irfanview.net/plugins/irfanview_plugin_formats.exe

:fear:
 
Thunderbird v13.0 released

FYI...

Thunderbird v13.0 released
- https://www.mozilla.org/en-US/thunderbird/13.0/releasenotes
June 5, 2012 ... See Known Issues

Security Advisories
- https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird13
Fixed in Thunderbird 13
MFSA 2012-40 Buffer overflow and use-after-free issues found using Address Sanitizer
MFSA 2012-39 NSS parsing errors with zero length items
MFSA 2012-38 Use-after-free while replacing/inserting a node in a document
MFSA 2012-37 Information disclosure though Windows file shares and shortcut files
MFSA 2012-36 Content Security Policy inline-script bypass
MFSA 2012-35 Privilege escalation through Mozilla Updater and Windows Updater Service
MFSA 2012-34 Miscellaneous memory safety hazards

Bugs fixed
- https://www.mozilla.org/en-US/thunderbird/13.0/releasenotes/buglist.html

Download
- https://www.mozilla.org/thunderbird/all.html
___

- http://www.securitytracker.com/id/1027122
CVE Reference:
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0441 - 5.0
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1937 - 9.3 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1938 - 9.3 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1939 - 9.3 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1940 - 9.3 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1941 - 9.3 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1942 - 7.2 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1943 - 6.9
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1944 - 4.3
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1945 - 2.9
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1946 - 9.3 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1947 - 9.3 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3105 - 9.3 (HIGH)
Jun 6 2012
Impact: Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Version(s): prior to 13.0

- https://secunia.com/advisories/49368/
Release Date: 2012-06-06
Criticality level: Highly critical
Impact: Unknown, Security Bypass, Exposure of sensitive information, Privilege escalation, System access
Where: From remote
Solution: Upgrade to... Thunderbird version 13.0.

:fear:
 
iTunes v10.6.3 released

FYI...

iTunes v10.6.3 released
- https://secunia.com/advisories/49489/
Release Date: 2012-06-12
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference(s):
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0672 - 6.8
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0677 - 9.3 (HIGH)
... This vulnerability does not affect the application on OS X Lion systems.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
Solution: Update to version 10.6.3.
Original Advisory: Apple:
http://support.apple.com/kb/HT5318

• Addresses a problem where iTunes may become unresponsive when syncing an iPad (1st generation) that contains an iBooks textbook
• Fixes a problem where photos synced to a device may appear in an unexpected order
• Resolves an issue where iTunes may unexpectedly delete playlists created on a device
• Fixes issues where iTunes may unexpectedly delete apps on a device
• Improves overall performance and reliability

... available via Apple Software Update.

:fear::fear:
 
Java for OS X 2012-004 / Mac OS X 10.6 Update 9

FYI...

Java for OS X 2012-004 / Mac OS X 10.6 Update 9
- http://support.apple.com/kb/HT5319
June 12, 2012 - "Description: Multiple vulnerabilities exist in Java, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_33. Further information is available via the Java website at
http://www.oracle.com/technetwork/java/javase/releasenotes-136954.html ..."

- https://secunia.com/advisories/49542/
Release Date: 2012-06-13
Criticality level: Highly critical
Impact: Cross Site Scripting, Manipulation of data, Exposure of sensitive information, DoS, System access
Where: From remote...
... more information: https://secunia.com/SA49472/
Original Advisory: http://support.apple.com/kb/HT5319

> http://forums.spybot.info/showpost.php?p=426869&postcount=4

:fear:
 
Plesk Panel remote vuln - Fix

FYI...

Plesk Panel remote vuln - Fix
- http://kb.parallels.com/en/113321
Last Review: Jul, 12 2012 - "... it may not be plausible at this time to perform a full upgrade to the latest release of Parallels Plesk Panel 11 which is not affected, thus there was a set of Micro-Updates released for each major version affected which will resolve the security issue without the necessity of a system upgrade..."

- http://www.symantec.com/security_response/threatconlearn.jsp
"... Parallels has released a fix for its Plesk Panel application to correct a previously unknown vulnerability which allows the administrator password to be recovered by an attacker. The code to exploit the vulnerability is currently being sold on the internet and potentially allows passwords to be compromised. Customers are advised to apply the fix as soon as possible..."
___

- http://www.securitytracker.com/id/1027243
Jul 12 2012
CVE Reference: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1557 - 7.5 (HIGH)
Impact: Disclosure of system information, Disclosure of user information, User access via network
Version(s): prior to 10.4.x*
Solution: The vendor has issued a fix.
The fix also includes a Mass Password Reset Script that must be executed to remove existing sessions and prevent a recurrence.
The vendor's advisory is available at:
- http://kb.parallels.com/en/113321

- https://secunia.com/advisories/48262
___

Plesk Panel 10.x for Windows...
* http://download1.parallels.com/Ples...k-panel-10-windows-updates-release-notes.html
15-Jul-2012 - "... Fixed critical Plesk security issues found during internal security audit. All customers are highly recommended to update..."

Plesk Panel 10.x for Linux...
- http://download1.parallels.com/Plesk/PP10/parallels-plesk-panel-10-linux-updates-release-notes.html
15-Jul-2012 - "... Fixed critical Plesk security issues found during internal security audit. All customers are highly recommended to update..."

- http://kb.parallels.com/en/113321
Last Review: Jul, 16 2012

:fear::fear: :spider:
 
Thunderbird v14.0 released

FYI...

Thunderbird v14.0 released
- https://www.mozilla.org/en-US/thunderbird/14.0/releasenotes
July 17, 2012 ... See Known Issues

Security Advisories
- https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird14
Fixed in Thunderbird 14
MFSA 2012-56 Code execution through javascript: URLs
MFSA 2012-53 Content Security Policy 1.0 implementation errors cause data leakage
MFSA 2012-52 JSDependentString::undepend string conversion results in memory corruption
MFSA 2012-51 X-Frame-Options header ignored when duplicated
MFSA 2012-50 Out of bounds read in QCMS
MFSA 2012-49 Same-compartment Security Wrappers can be bypassed
MFSA 2012-48 use-after-free in nsGlobalWindow::PageHidden
MFSA 2012-47 Improper filtering of javascript in HTML feed-view
MFSA 2012-45 Spoofing issue with location
MFSA 2012-44 Gecko memory corruption
MFSA 2012-42 Miscellaneous memory safety hazards (rv:14.0/ rv:10.0.6)

Bugs fixed
- https://www.mozilla.org/en-US/thunderbird/14.0/releasenotes/buglist.html

Download
- https://www.mozilla.org/thunderbird/all.html
___

- https://secunia.com/advisories/49993/
Release Date: 2012-07-18
Criticality level: Highly critical
Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, System access
Where: From remote...
Solution: Upgrade to version 14...

- http://www.securitytracker.com/id/1027257
CVE Reference: CVE-2012-1948, CVE-2012-1949, CVE-2012-1951, CVE-2012-1952, CVE-2012-1953, CVE-2012-1954, CVE-2012-1955, CVE-2012-1957, CVE-2012-1958, CVE-2012-1959, CVE-2012-1960, CVE-2012-1961, CVE-2012-1962, CVE-2012-1963, CVE-2012-1967
Jul 17 2012
Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Version(s): prior to 14 ...

:fear::fear:
 
Oracle Critical Patch Update Advisory - July 2012

FYI...

- http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
2012-July-17 - "... This Critical Patch Update contains 87 new security fixes..."
* http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html#PIN

July 2012 Risk Matrices
- http://www.oracle.com/technetwork/topics/security/cpujul2012verbose-392736.html
___

- https://www.us-cert.gov/current/#oracle_releases_critical_patch_update20
July 18, 2012 - "... 87 vulnerabilities across multiple products. This update contains the following security fixes:
• 4 for Oracle Database Server
• 1 for Oracle Application Express Listener
• 2 for Oracle Secure Backup
• 22 for Oracle Fusion Middleware
• 1 for Oracle Hyperion
• 1 for Oracle Enterprise Manager Grid Control
• 4 for Oracle E-Business Suite
• 5 for Oracle Supply Chain Products
• 9 for Oracle PeopleSoft Products
• 7 for Oracle Siebel CRM
• 1 for Oracle Industry Applications
• 24 for Oracle Sun Products
• 6 for Oracle MySQL ..."
___

- http://h-online.com/-1644934
18 July 2012

:fear::fear:
 
Symantec updates/multiple vulns - 2012-07-23

FYI...

Symantec Two Products Insecure Library Loading vuln ...
- https://secunia.com/advisories/50033/
Release Date: 2012-07-23
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0305
... vulnerability is reported in the following products and versions:
* Symantec Backup Exec System Recovery 2010 prior to SP5
* Symantec System Recovery 2011 prior to SP2
Solution: Update to a fixed version.
Original Advisory: SYM12-012:
http://www.symantec.com/security_re...isory&pvid=security_advisory&suid=20120720_01

- http://support.microsoft.com/kb/932716#appliesto
Last Review: October 9, 2011 - Revision: 6.0
___

Symantec Web Gateway multiple vulns
- https://secunia.com/advisories/50031/
Release Date: 2012-07-23
Criticality level: Moderately critical
Impact: Security Bypass, Manipulation of data, System access
Where: From local network
CVE Reference(s): CVE-2012-2574, CVE-2012-2953, CVE-2012-2957, CVE-2012-2961, CVE-2012-2976, CVE-2012-2977
Solution: Apply Database Update 5.0.0.438.
Original Advisory: SYM12-011:
http://www.symantec.com/security_re...isory&pvid=security_advisory&suid=20120720_00

:fear::fear:
 