Tag Archives: component vulnerabilities

Drupal 7.19 and 6.28 Released To Address XSS, Access Bypass Flaws


January 17, 2013 By
The Vigilant Application Owner

Softpedia – (International) Drupal 7.19 and 6.28 released to address XSS, access bypass flaws. The developers of Drupal released Drupal 7.19 and Drupal 6.28, which address a cross-site scripting vulnerability and several access bypass vulnerabilities present in older versions. Source: http://news.softpedia.com/news/Drupal-7-19-and-6-28-Released-to-Address-XSS-Access-Bypass-Flaws-321861.shtml

Continue reading...

Categories: Uncategorized

Expert Finds Security Holes In Sites Of Microsoft, Twilio and ProActive CMS


By
The Vigilant Application Owner

Softpedia – (International) Expert finds security holes in sites of Microsoft, Twilio and ProActive CMS. A security researcher discovered vulnerabilities in Web sites belonging to Microsoft and Twilio, as well as issues in ProActive content management system (CMS). Twilio and Microsoft addressed their respective cross-site request forgery and cross-site scripting vulnerabilities, while the ProActive CMS […]

Continue reading...

Categories: Uncategorized

Red October Cyber Espionage Campaign Relied On Java Exploit To Infect Computers


January 15, 2013 By
The Vigilant Application Owner

Softpedia – (International) Red October cyber espionage campaign relied on Java exploit to infect computers. Researchers at Seculert analyzed the recently-discovered ‘Red October’ cyber espionage campaign and found that it had also utilized a Java vulnerability to disseminate malware. Source: http://news.softpedia.com/news/Red-October-Cyber-Espionage-Campaign-Relied-on-Java-Exploit-to-Infect-Computers-321319.shtml

Continue reading...

Categories: Uncategorized

Oracle Responds To Warning On Java Vulnerability


January 13, 2013 By
The Vigilant Application Owner

International Business Times – Oracle has announced fixes for two flaws in its Java software. One research group says Java was responsible for half of all cyberattacks in 2012 that involved an exploited software bug. Last week, the Department of Homeland Security and security researchers said they had identified vulnerabilities in the software that could […]

Continue reading...

Categories: Uncategorized

Exploit Code, Metasploit Module Out For Ruby On Rails Flaws


January 10, 2013 By
The Vigilant Application Owner

Threatpost – (International) Exploit code, Metasploit module out for Ruby on Rails flaws. Proof-of-concept exploit code and a penetration testing module were released for several Ruby on Rails vulnerabilities that could allow arbitrary code execution and the installation of backdoors, presenting a major vulnerability for Web sites using versions other than the most recently released. […]

Continue reading...

Categories: Uncategorized

Flaw In Facebook Allowed Attachers To Record Video Of User And Post It On The Timeline


December 28, 2012 By
The Vigilant Application Owner

Softpedia – (International) Flaw in Facebook allowed attackers to record video of user and post it on the timeline. Researchers from XYSEC Labs identified a cross site request forgery (CSRF) vulnerability in Facebook that could allow an attacker to record video from the victim’s webcam or other source and then post it to the victim’s […]

Continue reading...

Categories: Uncategorized

Researcher Finds XSS Vulnerabilities In cPanel And WHM 11.34


December 27, 2012 By
The Vigilant Application Owner

Softpedia – (International) Researcher finds XSS vulnerabilities in cPanel and WHM 11.34. A researcher released a video where he identified cross-site scripting (XSS) vulnerabilities in the popular cPanel and WHM 11.34 Web hosting control panel. Source: http://news.softpedia.com/news/Researcher-Finds-XSS-Vulnerabilities-in-cPanel-WHM-11-34-Video-317356.shtml

Continue reading...

Categories: Uncategorized

Drupal 7.18 and 6.28 Released To Address Security Vulnerabilities


December 20, 2012 By
The Vigilant Application Owner

Softpedia – (International) Drupal 7.18 and 6.28 released to address security vulnerabilities. Drupal 7.18 and 6.27 were released to fix three remotely exploitable vulnerabilities, all rated moderately critical. – 8 – Source: http://news.softpedia.com/news/Drupal-7-18-and-6-28-Released-to-Address-Security-Vulnerabilities-316281.shtml

Continue reading...

Categories: Uncategorized