[Forgot Password]
Login  Register Subscribe

23631

 
 

122725

 
 

98503

 
 

909

 
 

79321

 
 

109

 
 
Paid content will be excluded from the download.

Filter
Matches : 774 Download | Alert*

Firefox user Sijie Xia reported that if a user explicitly removes the trust for extended validation (EV) capable root certificates in the certificate manager, the change is not properly used when validating EV certificates, causing the setting to be ignored. This removes the ability of users to explicitly untrust root certificates from specific certificate authorities.

Security researchers Tyson Smith and JesseSchwartzentruber of the BlackBerry Security Automated Analysis Team used the Address Sanitizer tool while fuzzing to discover a user-after-free in the functions for synthetic mouse movement handling. Security researcher Atte Kettunen from OUSPG also reported a variant of the same flaw. This issue leads to a potentially exploitable crash.

Mozilla developer Eric Faust reported that during JavaScript compilation GetElementIC typed array stubs can be generated outside observed typesets. This could lead to unpredictable behavior with a potential security impact.

Google notified Mozilla that an intermediate certificate, which chains up to a root included in Mozilla's root store, was loaded into a man-in-the-middle (MITM) traffic management device. This certificate was issued by Agence nationale de la scurit des systmesd" information (ANSSI), an agency of the French government and a certificate authority in Mozilla's root program. A subordinate certificate ...

The host is missing a critical security update according to Adobe advisory, APSB08-23. The update is required to fix an unspecified vulnerability. The flaw is present in the application, which fails to properly handle unknown attack vectors. Successful exploitation allows context-dependent attackers to execute untrusted JavaScript in an AIR application.

The host is missing an important security update according to Adobe security bulletin, APSB13-03. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle the vectors. Successful exploitation allows remote attackers to execute arbitrary code or gain sensitive information via unspecified vectors.

The host is missing an important security update according to Adobe security bulletin, APSB10-18. The update is required to fix multiple directory traversal vulnerabilities. The flaws are present in the administrator console which are CFIDE/administrator/settings/mappings.cfm, logging/settings.cfm, datasources/index.cfm, j2eepackaging/editarchive.cfm, and enter.cfm in CFIDE/administrator/. Success ...

The host is missing an important security update according to Adobe security bulletin, APSB11-29. The update is required to fix multiple cross-site scripting vulnerabilities. The flaws are present in the RDS and cfform tag components in the application, which fails to properly handle the vectors. Successful exploitation allows remote attackers to inject arbitrary web script or HTML.

The host is missing an important security update according to Adobe security bulletin, APSB12-15. The update is required to fix CRLF injection vulnerability. A flaw is present in the Component Browser in Adobe ColdFusion, which fails to properly handle user supplied input. Successful exploitation allows remote attackers inject arbitrary HTTP headers and conduct HTTP response splitting attacks via ...

The host is missing an important security update according to Adobe security bulletin, APSB12-26. The update is required to fix security bypass vulnerability. A flaw is present in the application, which fails to handle user crafted input. Successful exploitation allows remote attackers to bypass intended shared-hosting sandbox permissions via unspecified vectors.


Pages:      Start    61    62    63    64    65    66    67    68    69    70    71    72    73    74    ..   77

© 2013 SecPod Technologies