|
|
|
|
|
|
Update 02 Sep: Exploit Database has released
a 0-day for Quicktime. Details are technical, expect exploits.
More
info.
A vulnerability has been discovered in Apple
QuickTime, which can be exploited by malicious people to compromise a
user's system. Successful exploitation allows execution of
arbitrary code. More
info. |
|
Update 02 Sep: The list of affected software
continues to grow, no slow down in reports on affected software yet.
Update 31 Aug: Microsoft has released a workaround and an
automated "Microsoft Fix It" solution that can be used to block loading
of libraries from remote locations. More
info.
The list of insecure software as a result of the
Microsoft Insecure Library Loading vulnerability grows. Assume if
it runs on Windows, it's insecure! The vulnerabilities affect
applications using the "LoadLibrary", "SearchPath", "CreateProcess" and
"ShellExecute" APIs in an insecure manner, and allow attackers to cause
a vulnerable application to load a malicious DLL when opening a file
from an untrusted network location. More
info. |
|
|
A vulnerability has been reported in Cisco IOS XR, which can be
exploited by malicious people to cause a DoS (Denial of Service). The
vulnerability is caused due to an error in the processing of Border
Gateway Protocol (BGP) packets and can be exploited to continuously
reset BGP peering sessions via a specially crafted peer prefix
announcement with an unrecognised attribute. The vulnerability is
reported in all Cisco IOS XR Software devices configured with BGP
routing. More
info. |
|
VMware has acknowledged multiple vulnerabilities in VMware ESX Server,
which can be exploited by malicious, local users to cause a DoS (Denial
of Service), malicious users to cause a DoS, and malicious people to
bypass certain security restrictions and potentially compromise a
vulnerable system. More
info. |
|
|
|
|
A vulnerability has been reported in Hitachi Cosminexus products, which
can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an unspecified error while processing
unexpected data and can be exploited to disrupt some services.
More
info.
|
|
|
|
|
SUSE has issued an update for the kernel. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
cause a DoS (Denial of Service) and disclose potentially sensitive
information, and by malicious people to cause a DoS.
More
info. |
|
|
|
|
Multiple vulnerabilities have been reported in Apple iTunes, which can
be exploited by malicious people to compromise a user's system. The
vulnerabilities are caused due to the use of vulnerable WebKit code.
More
info. |
|
|
|
|
Exploit Database has released a 0-day for
Adobe Reader and Flash. Details are technical, expect exploits. More
info. |