|
Home > News > Tags > Remote Code Execution
|
|
30
Stories about: Remote Code Execution |
|
|
F-Secure has patched a remote code execution vulnerability that affected several of its security products and exposed users to drive-by download attacks.The buffer overflow vulnerability was discovered by security consultant Anil Aphale, aka 41.w4r10r, and is located in the F-Secure Gadget Resource Handler ActiveX Co... |
26 August 2011
08:45 GMT |
 |
|
A new version of Shockwave Player has been released to address critical vulnerabilities that can be exploited to execute arbitrary code remotely.The new Adobe Shockwave Player 11.6.1.629 version fixes seven memory corruption vulnerabilities that can lead to full system compromise.Mark Yason of IBM X-Force is credited... |
10 August 2011
08:20 GMT |
|
|
Microsoft has released its July batch of security patches which address vulnerabilities in Windows and Office, including a one that allows for remote code execution.Identified as CVE-2011-1265, the vulnerability is covered in MS11-053, the only Microsoft security bulletin rated critical this month.It is located in th... |
13 July 2011
09:55 GMT |
|
|
Security experts are concerned that a vulnerability exploited by a new iOS remote jailbreak might be leveraged by cyber criminals to infect devices with malware.Version 3.0 of the famous JailbreakMe remote jailbreak was released yesterday. The new variant has quickly gained popularity because it also works for the ne... |
7 July 2011
07:12 GMT |
|
|
The Internet Systems Consortium (ISC) has released an updated version of its DHCP implementation in order to resolve a vulnerability that could allow attackers to execute arbitrary code remotely.ISC DHCP is the most widely used open source implementation of the Dynamic Host Configuration Protocols and is included by ... |
7 April 2011
07:49 GMT |
|
|
Hackers claim that Sony has included a rootkit-like component in the latest 3.56 PlayStation 3 firmware update, which allows it to execute any code on people's gaming consoles.The claim was made last week by French PS3 hacker Mathieulh. "3.56 pretty much has a built in psn [PlayStation Network] rootkit," he wrot... |
2 February 2011
05:15 GMT |
|
|
Microsoft has published a security advisory to warn users about a new zero-day vulnerability in the Windows Graphics Rendering Engine that could allow attackers to execute arbitrary code remotely.The problem stems from an error in the way the Graphics Rendering Engine processes thumbnail images and can trigger a stac... |
5 January 2011
05:17 GMT |
|
|
Exploit code for an unpatched remote code execution vulnerability in Internet Explorer has been added to the popular Metasploit open source penetration testing framework.The flaw was originally reported as a denial of service condition on the Full Disclosure mailing list on December 8.However, vulnerability research ... |
22 December 2010
12:18 GMT |
|
|
Microsoft has finally patched a remote code execution Internet Explorer vulnerability actively exploited in the wild since six weeks ago, as well as the last Stuxnet zero-day flaw.Yesterday, Microsoft released a number of 17 security bulletins covering a total of 40 vulnerabilities in Windows, Office, Internet Explor... |
15 December 2010
04:51 GMT |
|
|
Security giant McAfee is investigating a publicly disclosed DLL preloading vulnerability in version 8.5i of its VirusScan Enterprise (VSE) product, which can lead to remote code execution.McAfee VirusScan Enterprise is the company’s endpoint antivirus product for corporate environments and is currently at versi... |
2 December 2010
08:47 GMT |
|
|
New versions of the OpenSSL toolkit have been released in order to address a critical vulnerability that can lead to denial of service and remote arbitrary code execution.In a security advisory published today, the OpenSSL security team notes that versions 0.9.8f through 0.9.8o, 1.0.0 and 1.0.0a are affected by the n... |
16 November 2010
13:21 GMT |
|
|
A critical buffer overflow vulnerability, which allows attackers to execute arbitrary code from a remote location, was patched in the newly released ProFTPD 1.3.3c version.The vulnerability was reported through TippingPoint's Zero Day Initiative (ZDI) program, which pays security researchers for zero-day flaws.A... |
2 November 2010
11:11 GMT |
|
|
Security researchers have released proof-of-concept exploit code for a remote code execution vulnerability in Office for Windows and Mac, that was patched earlier this month.Identified as CVE-2010-1245, the flaw is described as an Microsoft Excel SxView record parsing memory corruption.It affects Office Excel 2002, M... |
1 October 2010
08:37 GMT |
|
|
Apple has released security updates for its Safari Web browser in order to address three vulnerabilities that could result in arbitrary code execution.The new Safari 5.0.2 was released for both Windows and Mac OS X, while the 4.1.2 update is only available to Mac Tiger users.One of the resolved issues, identified as ... |
8 September 2010
04:41 GMT |
|
|
Adobe has released new versions for its Flash Player, AIR, ColdFusion and Flash Media Server products in order to affect critical security issues that could result in arbitrary code execution and sensitive information disclosure.The new Flash Player 10.1.82.76 and 9.0.280 versions contain fixes for various memory cor... |
11 August 2010
05:24 GMT |
|
|
Adobe has confirmed a zero-day remote code execution vulnerability revealed by a security researcher during the Black Hat security conference last week. The company has yet to decide if it needs to break out of its quarterly update cycle in order to patch it.The Adobe bug was disclosed by renowned hacker and security... |
4 August 2010
03:24 GMT |
|
|
A highly critical remote code execution vulnerability has been discovered in the latest version of QuickTime for Windows. Secunia reports that the flaw can be exploited by tricking users into viewing a maliciously crafted Web page.According to an advisory published by the Danish vulnerability intelligence vendor, a f... |
28 July 2010
13:38 GMT |
|
|
A new release for Firefox 3.6 has been issued by Mozilla, settings the latest official stable build to 3.6.8. The new edition of the highly popular web browser comes only with one stability fix to a problem that occurred on some pages containing plugins. Mozilla Foundation Security Advisory titled the issue the &ldq... |
24 July 2010
05:36 GMT |
|
|
Mozilla released updates to its popular Thunderbird email client in order to address multiple security and stability issues. The new Thunderbird 3.1.1 and 3.0.6 contain fixes for critical bugs that can be exploited to execute arbitrary code on targeted systems.There are a total of ten security advisories associated w... |
21 July 2010
09:16 GMT |
|
|
Mozilla has released Firefox 3.6.7, an update which addresses several security and stability issues. In total, eight critical, two high and four moderate security advisories were issued along with the new version of the popular browser.According to Mozilla's severity rating system, vulnerabilities marked as crit... |
21 July 2010
06:55 GMT |
|
|
The PNG Development Group has released new versions of the PNG reference library, libpng, addressing serious security issues that could lead to remote code execution or denial of service conditions.libpng is a collection of C functions for handling PNG (Portable Network Graphics) images and supporting most of the for... |
29 June 2010
03:49 GMT |
|
|
Adobe warns users that an unpatched vulnerability affecting Flash Player, Reader and Acrobat is actively being exploited in the wild. The critical flaw allows attackers to remotely execute arbitrary code. The vulnerability affects the latest stable releases of Flash Player 10.0.x and 9.0.x, as well as any older vers... |
5 June 2010
06:32 GMT |
|
|
A highly critical Safari vulnerability, which facilitates remote code execution, has been disclosed as a zero-day at the end of last week. Because no patch is available the United States Computer Emergency Readiness Team (US-CERT) recommends disabling JavaScript entirely in the browser.
In a security advisory rele... |
12 May 2010
11:02 GMT |
|
|
Adobe released a security update yesterday for its Download Manager (DLM) application used to install Flash Player and Adobe Reader. The patch addresses a critical remote code execution vulnerability, which allowed a potential attacker to push any executable file to unsuspecting users.The serious Adobe DLM flaw was p... |
24 February 2010
09:56 GMT |
|
|
A serious vulnerability has been identified in the Adobe Download Manager application used to update Flash Player and Adobe Reader. Attackers can reportedly leverage the bug to forcefully install any executable file on computers with the vulnerable application installed.According to Adobe, the purpose of its Download... |
19 February 2010
10:33 GMT |
|
|
A zero-day proof-of-concept exploit for a critical vulnerability in the latest Mozilla Firefox version has been recently released. The flaw allows attackers to execute malicious code on users' computers by tricking them into visiting a maliciously crafted page. According to Mozilla's Security Team, the bug... |
15 July 2009
05:12 GMT |
|
|
A hacker calling himself Arr1val has published proof-of-concept exploit codes for two 0-day vulnerabilities affecting Adobe Reader and Acrobat. The company has already confirmed one of them and strongly suggests disabling JavaScript in the products until a patch will be made available. The flaws are classified by Se... |
29 April 2009
05:27 GMT |
|
|
The release of proof-of-concept exploit code for an unresolved critical bug that allows for remote arbitrary code execution on the latest stable version of Mozilla Firefox has put developers on alert. A fix will be included in the 3.0.8 version of the browser, which is scheduled for release in a few days. The vulner... |
27 March 2009
05:53 GMT |
|
|
Adobe has just released the 10.0.22.87 version of its Flash Player application. It includes fixes for serious vulnerabilities and is classified as critical. Users are urged to deploy the update, as attacks might follow. One of the most serious flaws addressed in the new version has been reported by security and vuln... |
25 February 2009
04:50 GMT |
|
|
Experts from vulnerability research firm Secunia warn that disabling JavaScript in Adobe Reader and Acrobat products does not efficiently protect against the recently-disclosed 0-day remote code execution vulnerability affecting them. Until Adobe will address the problem, another security researcher has created an un... |
25 February 2009
03:24 GMT |
|
|
Security researchers from antivirus vendor Trend Micro warn of a new strain of malware that targets a recently-patched vulnerability in Internet Explorer 7. Successful exploitation results in remote code execution in the form of a malicious .dll file. During "Patch Tuesday" last week, Microsoft addressed a critical ... |
18 February 2009
06:26 GMT |
|
|
The security research company Secunia has released an advisory regarding a highly critical vulnerability that affects Trend Micro's free online HouseCall scanner. If exploited successfully, the bug allows for remote code execution, and the system is completely compromised. HouseCall is an online anti-virus scann... |
23 December 2008
06:13 GMT |
|
|
Adobe has announced the existence of no less than five local and remote code execution vulnerabilities in the 8.1.2 and earlier versions of Adobe Reader and Acrobat. Security patches have been released for all of them along with an advisory, which also includes a privilege escalation and a denial of service vulnerabi... |
5 November 2008
08:08 GMT |
|
|
Opera 9.61 security update was released last week and fixed a vulnerability in the browser's History Search feature which allowed for remote attackers to read the browser history of the users visiting a maliciously crafted web page. Even though Opera rated this vulnerability as “Extremely Severe”, it... |
28 October 2008
04:47 GMT |
|
|
Microsoft usually releases patches once a month, on a day called by the industry the “Patch Tuesday”. However, the Redmond company released an unscheduled advisory along with a patch for a highly critical vulnerability in the Server service, which can be exploited remotely and allow code execution. Accord... |
24 October 2008
08:26 GMT |
|
|
|
|
Find us on Google+
