1-888-595-0672[email protected]

Blog

Windows 10 Vulnerability

A vulnerability called “use-after-free” in Windows Shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted toolbar object.

“Bulletin (CVE-2015-2515).” US-CERT. Department of Homeland Security, 13 Oct. 2015. Web. 20 Oct. 2015. <https://www.us-cert.gov/ncas/bulletins/SB15-292>.

Read More
Android Vulnerability

In Android through 5.1.1, libutils allows remote attackers to execute arbitrary code via crafted metadata in a MP3 or MP4 file, as demonstrated by an attack against use of libutils by libstagefright in Android 5.x.

“Bulletin (CVE-2015-6602).” US-CERT. Department of Homeland Security, 1 Oct. 2015. Web. 05 Oct. 2015. <https://www.us-cert.gov/ncas/bulletins/SB15-278>.

Read More
Vulnerability in Mozilla Firefox

Several vulnerabilities in versions prior to 41.0 of Mozilla Firefox allow remote attackers to cause memory corruption through unknown vectors.

“Bulletin (CVE-2015-4501).” US-CERT. Department of Homeland Security, 24 Sept. 2015. Web. 01 Oct. 2015. <https://www.us-cert.gov/ncas/bulletins/SB15-271>.

Read More
Vulnerability in iTunes

Versions 9 and earlier of CoreText in Apple iOS & versions prior to 12.3 of iTunes allows remote attackers to execute arbitrary code or cause a memory corruption. Please review CVE-2015-5874 for more information.

“Bulletin (CVE-2015-5874 ).” US-CERT. Department of Homeland Security, 18 Sept. 2015. Web. 24 Sept. 2015. <https://www.us-cert.gov/ncas/bulletins/SB15-264>.

 

Read More
Adobe Shockwave Player Vulnerability

Versions prior to 12.2.0.162 of Adobe Shockwave Player allows attackers to execute arbitrary code or cause a memory corruption through unspecified vectors. Please review CVE-2015-6680 for more information.

“Bulletin (CVE-2015-6680).” US-CERT. Department of Homeland Security, 8 Sept. 2015. Web. 17 Sept. 2015. <https://www.us-cert.gov/ncas/bulletins/SB15-257>.

Read More
Vulnerability in Google Chrome

Several unspecified vulnerabilities in Google Chrome before 45.0.2454.85 allow attackers to cause a denial of service via unknown vectors.

“Bulletin (CVE-2015-1301).” US-CERT. Department of Homeland Security, 3 Sept. 2015. Web. 09 Sept. 2015. <https://www.us-cert.gov/ncas/bulletins/SB15-250>.

Read More
Apple QuickTime Vulnerability

Versions prior to 7.7.8 of Apple QuickTime allows remote attackers to perform arbitrary code or cause a denial of service through a crafted file. Please review CVE-2015-5785 for more information.

“Bulletin (CVE-2015-5785).” US-CERT. Department of Homeland Security, 24 Aug. 2015. Web. 01 Sept. 2015.

Read More
MS Office Vulnerability

A vulnerability in Office 2010 SP2, Word 2010 SP2, Microsoft Word 2007 SP3,  and Office for Mac 2011 allows remote attackers to execute arbitrary code through a well constructed document also known as “Microsoft Office Memory Corruption Vulnerability.” Please review CVE-2015f-2469 for more information.

“Bulletin (CVE-2015-2469).” US-CERT. Department of Homeland Security, 14 Aug. 2015. Web. 27 Aug. 2015.

 

Read More
Vulnerability in Internet Explorer

Versions 7 through 11 for Microsoft Internet Explorer allows remote attackers to cause a memory corruption also known as a “Memory Corruption Vulnerability”. Please review CVE-2015-2441 for more information.

“Bulletin (CVE-2015-2441).” US-CERT. Department of Homeland Security, 14 Aug. 2015. Web. 17 Aug. 2015.

Read More
Vulnerability in WordPress

WordPress versions prior to 4.2.3 does not properly authenticate the “edit_posts” functionality which allows authenticated users to bypass access restrictions and create drafts by using the Subscriber role. Please review CVE-2015-5623 for more information.

“Bulletin (CVE-2015-5623).” US-CERT. Department of Homeland Security, 3 Aug. 2015. Web. 12 Aug. 2015.

Read More