Tag Archives: component vulnerabilities

Flaw In Facebook Allowed Attachers To Record Video Of User And Post It On The Timeline


December 28, 2012 By
The Vigilant Application Owner

Softpedia – (International) Flaw in Facebook allowed attackers to record video of user and post it on the timeline. Researchers from XYSEC Labs identified a cross site request forgery (CSRF) vulnerability in Facebook that could allow an attacker to record video from the victim’s webcam or other source and then post it to the victim’s […]

Continue reading...

Researcher Finds XSS Vulnerabilities In cPanel And WHM 11.34


December 27, 2012 By
The Vigilant Application Owner

Softpedia – (International) Researcher finds XSS vulnerabilities in cPanel and WHM 11.34. A researcher released a video where he identified cross-site scripting (XSS) vulnerabilities in the popular cPanel and WHM 11.34 Web hosting control panel. Source: http://news.softpedia.com/news/Researcher-Finds-XSS-Vulnerabilities-in-cPanel-WHM-11-34-Video-317356.shtml

Continue reading...

Drupal 7.18 and 6.28 Released To Address Security Vulnerabilities


December 20, 2012 By
The Vigilant Application Owner

Softpedia – (International) Drupal 7.18 and 6.28 released to address security vulnerabilities. Drupal 7.18 and 6.27 were released to fix three remotely exploitable vulnerabilities, all rated moderately critical. – 8 – Source: http://news.softpedia.com/news/Drupal-7-18-and-6-28-Released-to-Address-Security-Vulnerabilities-316281.shtml

Continue reading...

Hackers Breached Heating System Via Industrial Control System Backdoor


December 13, 2012 By
The Vigilant Application Owner

Wired.com – (New Jersey; International) Hackers breached heating system via industrial control system backdoor. Hackers broke into the industrial control system (ICS) of a New Jersey air conditioning company earlier this year, using a backdoor vulnerability in the system, according to a FBI memo made public the week of December 10. The intruders first breached […]

Continue reading...

Stored XSS That Allowed Hackers To Hijack Tumblr Blogs Still Unfixed


December 11, 2012 By
The Vigilant Application Owner

Softpedia – (International) Stored XSS that allowed hackers to hijack Tumblr blogs still unfixed. The stored cross-site scripting (XSS) vulnerability that allowed hackers to hijack Tumblr blogs remains unfixed, according to a security researcher. He explains that this vulnerability could be utilized for numerous cybercriminal operations. The stored XSS could be used for phishing, malware […]

Continue reading...

Highway Traffic Monitoring System Has Exploitable Electronic Flaws, Says CERT


December 3, 2012 By
The Vigilant Application Owner

Government Security News – (National) Highway traffic monitoring system has exploitable electronic flaw, says CERT. Systems that can track automotive traffic on roadways, providing speed and highway traffic behavior patterns has a flaw that could allow a skilled hacker to break in, according to the U.S. Industrial Control System Computer Emergency Readiness Team (ICS-CERT). A […]

Continue reading...

Pacemakers, Other Implanted Devices, Vulnerable to Lethal Attacks


November 28, 2012 By
The Vigilant Application Owner

Homeland Security News Wire – (International) Pacemakers, other implanted devices, vulnerable to lethal attacks. IT experts reported security flaws in pacemakers and defibrillators could be putting lives at risk, stating that many devices are not properly secured and therefore are vulnerable to hackers who may want to commit an act that could lead to multiple […]

Continue reading...

eBay Closes Critical Security Holes


November 25, 2012 By
The Vigilant Application Owner

The H – (International) eBay closes critical security holes. The online auction house eBay has fixed two vulnerabilities in its U.S. Web site. One of the vulnerabilities was a critical SQL injection hole in the site’s selling area that gave potential attackers unauthorized read and write access to one of the company’s databases. The hole […]

Continue reading...

Joomla 3.0.2 and 2.5.8 Available For Download, Security Fixes Included


November 9, 2012 By
The Vigilant Application Owner

Softpedia – (International) Joomla 3.0.2 and 2.5.8 available for download, security fixes included. The Joomla Project released Joomla 3.0.2 and Joomla 2.5.8. Both variants come with a number of improvements, including fixes for security issues. In Joomla 3.0.2, a medium priority cross-site scripting (XSS) vulnerability that affected the language search component was fixed. In the […]

Continue reading...

Siemens Software Targeted By Stuxnet Still Full Of Holes


November 8, 2012 By
The Vigilant Application Owner

IDG News Service – (International) Siemens software targeted by Stuxnet still full of holes. Software made by Siemens and targeted by the Stuxnet malware is still full of other dangerous vulnerabilities, according to researchers. The CTO of Positive Technologies was scheduled to give a presentation in July at Defcon, but it was pulled after Siemens […]

Continue reading...