Turbolinux Server and RedHat Fedora, which affects Debian Linux.
Another vulnerability, "vmsplice_to_pipe ()", is a region-wide vulnerability that allows hackers to gain the superuser permissions of compromised computers. In addition to the Red Hat and Turbolinux Server, the affected Linux systems also expand to Ubuntu Linux, Slackware Linux, and openSUSE.
Although the security industry Secunia classified this extended permission vulnerability
bug #61565 where php_stream_open_wrapper_ex tries to open a directory descriptor under windows
Fixed bug #61566 failure caused by the posix lseek and read versions under windows in cdf_read ()
Iconv
Fixed a bug that iconv extension fails to link to the correct library when another extension makes use of a library that links to the iconv library. See https://bugs.gentoo.org/show_bug.cgi? Id = 364139 for detail
Intl
Fixed bug #62082 (Memory Upload uption in internal function get_icu_disp_value_sr
com_dotnet cannot be built shared
Fileinfo
Fixed bug #61812 (Uninitialised value used in libmagic)
FPM
Fixed bug #61812 (Uninitialised value used in libmagic)
Fixed bug #61565 where php_stream_open_wrapper_ex tries to open a directory descriptor under windows
Fixed bug #61566 failure caused by the posix lseek and read versions under windows in cdf_read ()
Iconv
Fixed a bug that iconv extension fails to link to the correct library when another extension makes use of a library that links to the i
A Google Engineer once again revealed the Windows vulnerability. The Google information security engineer named Tavis Ormandy issued a full disclosure article at the seclists site, this article describes in detail the vulnerability in Windows 7 and Windows 8 that can be exploited by local users to gain higher user permissions. Security company secunia said the vulnerability is less risky because it cannot be remotely exploited.
This case fully demons
According to foreign media reports, Adobe has recently updated Adobe Reader and Adobe Acrobat to fix a serious JavaScript vulnerability that affects windows, Mac, Linux, and UNIX.
As the company promised, on Tuesday, it provided security advice on software vulnerabilities and fixed the second vulnerability that affected UNIX. Security company secunia considers the vulnerability as "critical ".
Adobe believes that the April 27 proof-of-conceptCodeT
Two Security Vulnerabilities discovered in a Web service protocol may allow attackers to control vulnerable servers.The vulnerabilities found in XML-RPC For PHP and PEAR XML_RPC affect a large number of Web applications, according to a security bulletin from GulfTech, the company that found the vulnerability.XML-based Remote Procedure Call (RPC) systems, such as XML-RPC, work together with HTTP to drive Web services. XML-RPC For PHP and PEAR XML_RPC are used to implement XML-RPC For the PHP scri
Release date:
Last Updated:
Hazard level:
Vulnerability Type: Design Error
Threat Type: Remote
Vulnerability introduction:
Mozilla Firefox is a free, open-source browser applicable to Windows, Linux, and MacOS X platforms.
The implementation of the Digital Signature of JAR files in Mozilla Firefox versions 4. x to 5 cannot prevent the use of signed code from unsigned JavaScript code. Remote attackers can bypass the same-origin policy through a specially crafted web site to obtain privileg
Release date:
Last Updated:
Hazard level:
Vulnerability Type: code injection
Threat Type: Remote
Vulnerability introduction:
Mozilla Firefox is a free, open-source browser applicable to Windows, Linux, and MacOS X platforms.
The browser engine in Mozilla Firefox 4.x to 5 cannot correctly install the Java Script. Remote attackers can use unspecified vectors to cause DoS (memory corruption and application crash) or execute arbitrary code.
Vulnerability announcement:
Currently, the vendor
Google engineers once again announced Windows vulnerabilities that Microsoft was hard to cooperate
A Google Engineer once again revealed the Windows vulnerability. The Google information security engineer named Tavis Ormandy issued a full disclosure article at the SecLists site, this article describes in detail the vulnerability in Windows 7 and Windows 8 that can be exploited by local users to gain higher user permissions. Security company Secunia s
Refer:
WordPress zingsiri Forums arbitrary file disclosureHttp://ceriksen.com/2013/01/12/wordpress-zingiri-forums-arbitrary-file-disclosure/
Secunia Advisory SA50833Http://secunia.com/advisories/50833/
Analysis of vulnerability
The zingsiri Web Forums for WordPress writes our a header for the forum in forum. php through adding an action to wp_head.
44 add_action ('wp _ head', 'zing _ forum_header ');
686 function zing_forum_header ()687 {688 global $
Alt-N today released the English version of MDaemon server 8.15, which is probably the last version of MDaemon server 8. Because MDaemon 9.0 is coming!
I.A. This site: http://www.5dmail.net/down/SoftList-1399.htmB. http://files.altn.com/mdaemon/release/md815_en.exe
II. The official release notes are as follows:-----------------------------MDaemon 8.15-March 14,200 6-----------------------------
O fix to possible crash when sending calendar/task remindersO fix to excessive CPU usage by imap li
On June 18, July 10, a FireFox-IE dependency vulnerability was revealed. Secunia rated it as "very dangerous" and IE opened a special firefoxurl: // when identifying the handle, it calls FireFox to execute all programs. At that time, Mozilla security blog announced that it would not quit the patch for this problem. HoweverOn July 6, July 18, FireFox 2.0.0.5 was released. users who were careful discovered that Mozilla had quietly fixed this vulnerabili
According to foreign media reports, computer security experts recently reminded users that using IE and Firefox at the same time may cause remote attacks to users.
If a user encounters a malicious website when using the IE browser, the system also registers a "firefoxurl: //"Program. This program allows the browser to interact with specific content on the web, which may cause remote attacks to users. Chinese Webmaster. Station
Earlier this week, security researcher Thor larhoma discovered the
the latest version. Also, make sure the software is set to be automatically updated and shut down after many updates are automatically applied. Frequent security leaks are also because applications do not use important security patches that have been released for a long time.
The computer vendor may have some built-in update tools. For example, Lenovo has a built-in upgrade process designed to showcase all BIOS and driver updates. You can also manually detect application updates, just a little
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.