07/02, 11:20pm
Firefox 3 record
Mozilla on Tuesday posted Firefox 2.0.0.15, an update to its web browser that resolves several vulnerabilities, ranging from several benign problems, to critical bug fixes related to arbitrary code execution and remote control of a user's system. Among the major fixes are MFSA 2008-21, 2008-24, 2008-25, and 2008-33, which resolve crashes when memory is corrupted, Chrome script loading vulnerabilities, arbitrary code execution in a .loadSubScript() command, as well as crashing and remote code execution.
more
05/28, 8:40pm
Apple: critical updates
Apple on Wednesday released dozens of security updates part of its Mac OS X 10.5.3 update for Leopard and Security Update 2008-003(PPC Tiger client, Intel Tiger client, PPC Server, Universal Server) for Mac OS X Tiger, including critical bugs for remote shutdown, arbitrary code execution (multiple including JPG2000 issues), denial of service (via viewing PNG files), private information information disclosure (via SSL, Tiger Mail, Unicode, malicious BMP/GIF files and Image Capture) as well as a critical code execution bug for the continually updated Adobe Flash plugin. Apple also updated its Single Sign-On feature (CVE-ID: CVE-2008-1578) to prevent passwords from being supplied other local users.
more
