Oracle confirms Java 7 Update 15 vulnerability, but researchers are still unhappy. Researchers urged Oracle to reevaluate their submissions of weaknesses in the Java 7 Update 15 after the company acknowledged only one of the two vulnerabilities discovered regarding a full sandbox bypass is a concern, and simply determined the second vulnerability to be accepted behavior of the update.
The H – (International) PostgreSQL updates to close denial-of-service hole. The developers of PostgreSQL released updates to several versions of their products to address a misdeclared function that could allow a SQL command to crash PostgreSQL, among other issues.
Help Net Security – (International) Whitehole exploit kit in the spotlight. A new exploit kit dubbed Whitehole has been seen for sale and in ‘test-release’ mode, and found to use five Java Runtime Environment vulnerabilities along with security evasion methods.
IDG News Service – (International) Barracuda moves to shutter backdoor access to its network gear. Barracuda Networks issued an update to close a vulnerability in its network security appliances that allowed unauthorized access through remote support backdoors.
Softpedia – (International) Hacker gains access to Foxconn databases, just wants to prove lack of security. The hacker known as D35m0nd142 exploited and blind SQL injection vulnerability on a site belonging to manufacturer Foxconn, and brought the vulnerability to the company’s attention.