WatchMouse closely monitors recent security news and vulnerability reports. Check back here regularly for updates, or subscribe using the form on the right to receive our latest security information by e-mail.

See the full list of the most recent vulnerabilities here.

 

15 Mar 2010
Yahoo! Player is prone to a stack-based buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

Attackers may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

The issue affects Yahoo! Player versions 1.5.01.409 and 1.0; other versions may also be affected.
Securityfocus.com
 

15 Mar 2010
GNU Tar and GNU Cpio are prone to a remote buffer-overflow vulnerability because the applications fail to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition.

This issue affects the following:

GNU Tar versions prior to 1.23
GNU Cpio versions prior to 2.11
Securityfocus.com
 

15 Mar 2010
The 'libpng' library is prone to a remote denial-of-service vulnerability.

Successful exploits will allow an attacker to consume an excessive amount of CPU memory, denying service to legitimate users.

Successful exploits will allow an attacker to obtain potentially sensitive information.

Versions prior to libpng 1.4.1, 1.2.43, and 1.0.53 are vulnerable.
Securityfocus.com
 

15 Mar 2010
ViewVC is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied data.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and steal cookie-based authentication credentials. Other attacks are also possible.

Versions prior to ViewVC 1.1.4 and 1.0.10 are vulnerable.
Securityfocus.com
 

13 Mar 2010
The 'com_races' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Securityfocus.com
