Oracle Java SE and Java for Business Critical Patch Update Advisory
Oracle released a collection of patches for multiple security vulnerabilities in the Java SE and Java for Business which includes security and non-security fixes. This update contains 27 new security fixes across all products. The security bulletin is posted here.
Note: Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible.
Affected product releases and versions:
Java SE:
JDK and JRE 6 Update 18 and earlier for Windows, Solaris, and Linux
JDK 5.0 Update 23 and earlier for Solaris
SDK 1.4.2_25 and earlier for Solaris
The Java SE update is available here.
Java for Business:
JDK and JRE 6 Update 18 and earlier for Windows, Solaris and Linux
JDK and JRE 5.0 Update 23 and earlier for Windows, Solaris and Linux
SDK and JRE 1.4.2_25 and earlier for Windows, Solaris and Linux
The Java for Business update is available here.
-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org
Foxit Reader Security Update
Foxit Reader has released a security that fixes an issue that runs an embedded executable in a PDF document without asking the user's permission. The update can be launch from Foxit (select version 3.2.1.0401) or download it from here.
This update is related to a recent ISC diary "PDF Arbitrary Code Execution - vulnerable by design" published on the 31 March 2010.
-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org
Apple QuickTime and iTunes Security Update
QuickTime 7.6.6 addresses 16 CVEs affecting both Windows and Mac. Additional information regarding the security fixes incorporated in this version is available here. Apple has rated several CVEs can lead to an unexpected application termination or arbitrary code execution.
iTunes 9.1 addresses 7 CVEs affecting Windows and Mac. Additional information regarding the security fixes incorporated in this version is available here. Apple has rated several CVEs can lead to an unexpected application termination or arbitrary code execution including Denial of Service.
-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org
Security Advisory for ESX Service Console
VMware has released the security advisory VMSA-2010-0006 affecting the ESX Service Console. Update are available for samba and acpid.
The following CVE numbers are part of this advisory: CVE-2009-2906, CVE-2009-1888, CVE-2009-2813, CVE-2009-2948, CVE-2009-0798. Additional information is available here.
-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org
Comments
www
Nov 17th 2022
6 months ago
EEW
Nov 17th 2022
6 months ago
qwq
Nov 17th 2022
6 months ago
mashood
Nov 17th 2022
6 months ago
isc.sans.edu
Nov 23rd 2022
6 months ago
isc.sans.edu
Nov 23rd 2022
6 months ago
isc.sans.edu
Dec 3rd 2022
6 months ago
isc.sans.edu
Dec 3rd 2022
6 months ago
<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure. The social networks are not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go.
<a hreaf="https://technolytical.com/">the social network</a> is not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go. The social networks only collect the minimum amount of information required for the service that they provide. Your personal information is kept private, and is never shared with other companies without your permission
isc.sans.edu
Dec 26th 2022
5 months ago
isc.sans.edu
Dec 26th 2022
5 months ago