| Date | Advisory | Source |
| --- | --- | --- |
| 10 Oct 2008 | Sun Java System Web Proxy Server is prone to a heap-based buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will likely result in a denial-of-service condition. This issue affects Sun Java System Web Proxy Server 4.0 up to and including 4.0.7. | Securityfocus.com |
| 10 Oct 2008 | CA has released a Security Notice to address multiple vulnerabilities in CA ARCserve Backup. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review the Security Notice and apply any necessary updates to help mitigate the risks. | US-CERT |
| 10 Oct 2008 | Apple has released Security Update 2008-007 to address multiple vulnerabilities in a number of applications. These vulnerabilities may allow an attacker to execute arbitrary code, conduct cross-site request forgery or cross-site scripting attacks, cause a denial-of-service condition, or operate with escalated privileges. US-CERT encourages users and administrators to review Apple Article HT3216 and apply any necessary updates to help mitigate the risks. | US-CERT |
| 10 Oct 2008 | Ruby is prone to a remote denial-of-service vulnerability. Successful exploits may allow remote attackers to cause denial-of-service conditions in applications that use the vulnerable library or functions. Versions up to and including Ruby 1.9.0-3 are vulnerable. | Securityfocus.com |
| 10 Oct 2008 | Apple Mac OS X is prone to multiple security vulnerabilities that have been addressed in Security Update 2008-007. The security update addresses a total of 11 new vulnerabilities that affect the ColorSync, CUPS, Finder, launchd, Networking, Postfix, PSNormalizer, rlogin, Script Editor, and Weblog components of Mac OS X. The advisory also contains security updates for 30 previously reported issues. | Securityfocus.com |