Tag Archives: component vulnerabilities

Oracle Responds To Warning On Java Vulnerability


January 13, 2013 By
The Vigilant Application Owner

International Business Times – Oracle has announced fixes for two flaws in its Java software. One research group says Java was responsible for half of all cyberattacks in 2012 that involved an exploited software bug. Last week, the Department of Homeland Security and security researchers said they had identified vulnerabilities in the software that could […]

Continue reading...

Exploit Code, Metasploit Module Out For Ruby On Rails Flaws


January 10, 2013 By
The Vigilant Application Owner

Threatpost – (International) Exploit code, Metasploit module out for Ruby on Rails flaws. Proof-of-concept exploit code and a penetration testing module were released for several Ruby on Rails vulnerabilities that could allow arbitrary code execution and the installation of backdoors, presenting a major vulnerability for Web sites using versions other than the most recently released. […]

Continue reading...

All Ruby On Rails Versions Affected By SQL Injection Flaw


January 3, 2013 By
The Vigilant Application Owner

Help Net Security – (International) All Ruby on Rails versions affected by SQL injection flaw. The developers of Ruby on Rails released three new versions of the application framework to address an SQL injection vulnerability present in all past iterations of the software. Source: http://www.net-security.org/secworld.php?id=14173

Continue reading...

Flaw In Facebook Allowed Attachers To Record Video Of User And Post It On The Timeline


December 28, 2012 By
The Vigilant Application Owner

Softpedia – (International) Flaw in Facebook allowed attackers to record video of user and post it on the timeline. Researchers from XYSEC Labs identified a cross site request forgery (CSRF) vulnerability in Facebook that could allow an attacker to record video from the victim’s webcam or other source and then post it to the victim’s […]

Continue reading...

Researcher Finds XSS Vulnerabilities In cPanel And WHM 11.34


December 27, 2012 By
The Vigilant Application Owner

Softpedia – (International) Researcher finds XSS vulnerabilities in cPanel and WHM 11.34. A researcher released a video where he identified cross-site scripting (XSS) vulnerabilities in the popular cPanel and WHM 11.34 Web hosting control panel. Source: http://news.softpedia.com/news/Researcher-Finds-XSS-Vulnerabilities-in-cPanel-WHM-11-34-Video-317356.shtml

Continue reading...

Drupal 7.18 and 6.28 Released To Address Security Vulnerabilities


December 20, 2012 By
The Vigilant Application Owner

Softpedia – (International) Drupal 7.18 and 6.28 released to address security vulnerabilities. Drupal 7.18 and 6.27 were released to fix three remotely exploitable vulnerabilities, all rated moderately critical. – 8 – Source: http://news.softpedia.com/news/Drupal-7-18-and-6-28-Released-to-Address-Security-Vulnerabilities-316281.shtml

Continue reading...

Hackers Breached Heating System Via Industrial Control System Backdoor


December 13, 2012 By
The Vigilant Application Owner

Wired.com – (New Jersey; International) Hackers breached heating system via industrial control system backdoor. Hackers broke into the industrial control system (ICS) of a New Jersey air conditioning company earlier this year, using a backdoor vulnerability in the system, according to a FBI memo made public the week of December 10. The intruders first breached […]

Continue reading...

Stored XSS That Allowed Hackers To Hijack Tumblr Blogs Still Unfixed


December 11, 2012 By
The Vigilant Application Owner

Softpedia – (International) Stored XSS that allowed hackers to hijack Tumblr blogs still unfixed. The stored cross-site scripting (XSS) vulnerability that allowed hackers to hijack Tumblr blogs remains unfixed, according to a security researcher. He explains that this vulnerability could be utilized for numerous cybercriminal operations. The stored XSS could be used for phishing, malware […]

Continue reading...

Highway Traffic Monitoring System Has Exploitable Electronic Flaws, Says CERT


December 3, 2012 By
The Vigilant Application Owner

Government Security News – (National) Highway traffic monitoring system has exploitable electronic flaw, says CERT. Systems that can track automotive traffic on roadways, providing speed and highway traffic behavior patterns has a flaw that could allow a skilled hacker to break in, according to the U.S. Industrial Control System Computer Emergency Readiness Team (ICS-CERT). A […]

Continue reading...

Pacemakers, Other Implanted Devices, Vulnerable to Lethal Attacks


November 28, 2012 By
The Vigilant Application Owner

Homeland Security News Wire – (International) Pacemakers, other implanted devices, vulnerable to lethal attacks. IT experts reported security flaws in pacemakers and defibrillators could be putting lives at risk, stating that many devices are not properly secured and therefore are vulnerable to hackers who may want to commit an act that could lead to multiple […]

Continue reading...