secunia

(ht is already destroyed )) PDO Fixed bug #61755 (A parsing bug in the prepared statements can lead to access violations) Phar Fixed bug #61065 (Secunia SA44335) (CVE-2012-2386) Streams Fixed bug #61961 (file_get_contents leaks when access empty file with maxlen set) Zlib Fixed bug #61820 (using ob_gzhandler will complain about headers already sent when no compression) Fixed bug #61443 (can't change zlib. output_compression on the fly) Fixed bug #607

A Google Engineer once again revealed the Windows vulnerability. The Google information security engineer named Tavis Ormandy issued a full disclosure article at the seclists site, this article describes in detail the vulnerability in Windows 7 and Windows 8 that can be exploited by local users to gain higher user permissions. Security company secunia said the vulnerability is less risky because it cannot be remotely exploited. This case fully demons

According to foreign media reports, Adobe has recently updated Adobe Reader and Adobe Acrobat to fix a serious JavaScript vulnerability that affects windows, Mac, Linux, and UNIX. As the company promised, on Tuesday, it provided security advice on software vulnerabilities and fixed the second vulnerability that affected UNIX. Security company secunia considers the vulnerability as "critical ". Adobe believes that the April 27 proof-of-conceptCodeT

Information provided: security bulletin (or clue) provide hotline: 51cto.editor@gmail.com Vulnerability Category: Enter a confirmation vulnerability Attack Type: Remote attack Release Date: 2005-09-20 Renew Date: 2005-09-20 Affected systems: PHP Advanced Transfer Manager 1.x Security system: None Vulnerability Speaker: Rgod Vulnerability Description: Secunia advisory:sa16867 PHP Advanced Transfer Manager Composite Vulnerability Rgod has reported some

uses single quotes to access eval () calls, attackers can easily execute PHP code on the target server.The latest PHPXMLRPC version has solved this problem. For applications that use this component, such as eGroupWare and phpGroupWare, the security vendor Secunia recommends limiting access to the XML-RPC functionality.According to Gulftech, the vulnerability in PEAR XML_RPC is related to the vulnerability in PHPXMLRPC. However, the vulnerability may

Release date: Last Updated: Hazard level: Vulnerability Type: Design Error Threat Type: Remote Vulnerability introduction: Mozilla Firefox is a free, open-source browser applicable to Windows, Linux, and MacOS X platforms. The implementation of the Digital Signature of JAR files in Mozilla Firefox versions 4. x to 5 cannot prevent the use of signed code from unsigned JavaScript code. Remote attackers can bypass the same-origin policy through a specially crafted web site to obtain privileg

Release date: Last Updated: Hazard level: Vulnerability Type: code injection Threat Type: Remote Vulnerability introduction: Mozilla Firefox is a free, open-source browser applicable to Windows, Linux, and MacOS X platforms. The browser engine in Mozilla Firefox 4.x to 5 cannot correctly install the Java Script. Remote attackers can use unspecified vectors to cause DoS (memory corruption and application crash) or execute arbitrary code. Vulnerability announcement: Currently, the vendor

Google engineers once again announced Windows vulnerabilities that Microsoft was hard to cooperate A Google Engineer once again revealed the Windows vulnerability. The Google information security engineer named Tavis Ormandy issued a full disclosure article at the SecLists site, this article describes in detail the vulnerability in Windows 7 and Windows 8 that can be exploited by local users to gain higher user permissions. Security company Secunia s

Refer: WordPress zingsiri Forums arbitrary file disclosureHttp://ceriksen.com/2013/01/12/wordpress-zingiri-forums-arbitrary-file-disclosure/ Secunia Advisory SA50833Http://secunia.com/advisories/50833/ Analysis of vulnerability The zingsiri Web Forums for WordPress writes our a header for the forum in forum. php through adding an action to wp_head. 44 add_action ('wp _ head', 'zing _ forum_header '); 686 function zing_forum_header ()687 {688 global $

Alt-N today released the English version of MDaemon server 8.15, which is probably the last version of MDaemon server 8. Because MDaemon 9.0 is coming! I.A. This site: http://www.5dmail.net/down/SoftList-1399.htmB. http://files.altn.com/mdaemon/release/md815_en.exe II. The official release notes are as follows:-----------------------------MDaemon 8.15-March 14,200 6----------------------------- O fix to possible crash when sending calendar/task remindersO fix to excessive CPU usage by imap li

On June 18, July 10, a FireFox-IE dependency vulnerability was revealed. Secunia rated it as "very dangerous" and IE opened a special firefoxurl: // when identifying the handle, it calls FireFox to execute all programs. At that time, Mozilla security blog announced that it would not quit the patch for this problem. HoweverOn July 6, July 18, FireFox 2.0.0.5 was released. users who were careful discovered that Mozilla had quietly fixed this vulnerabili

Information provision: Security Bulletin (or clue) provide hotline: 51cto.editor@gmail.com vulnerability Category: input validation vulnerability attack type: remote attack Launch date: updated: Affected systems: PHPAdvancedTransferManager1.x security system: vulnerability-free Reporter: rgod vulnerability description: SecuniaA information provided: Security Bulletins (or clues) provide hotline: bitscn.editor@gmail.com Vulnerability Category: enter the confirmation vulnerability Attack type: rem

According to foreign media reports, computer security experts recently reminded users that using IE and Firefox at the same time may cause remote attacks to users. If a user encounters a malicious website when using the IE browser, the system also registers a "firefoxurl: //"Program. This program allows the browser to interact with specific content on the web, which may cause remote attacks to users. Chinese Webmaster. Station Earlier this week, security researcher Thor larhoma discovered the

Windows BitLocker or Third-party tools. 2. Use the latest OS version and automatically update the OS and apps If you are not using the latest version of the operating system, you should upgrade to the latest version. Also, make sure the software is set to be automatically updated and shut down after many updates are automatically applied. Frequent security leaks are also because applications do not use important security patches that have been released for a long time. The computer vendor ma