An use-after-free vulnerability is present in Microsoft Internet Explorer 10 ( CVE-2014-0322 ) which allows remote attackers to execute arbitrary code. This vulnerability is being exploited in the wild as Watering hole attack, in which the attacker injects a javascript or hidden iframe into a website, which will redirect to a malicious page. In this attack, […]

Read More →

A new zero-day vulnerability (CVE-2014-0502) in Adobe Flash Player is being exploited in the wild. A double free vulnerability exists in Adobe Flash Player that can be used to execute arbitrary code. The flaw allows attackers to take complete control of the system remotely. Affected versions of Adobe Flash Player are before 11.7.700.269 and 11.8.x […]

Read More →

IBM Platform Symphony Developer Edition is a free software to develop and test High-performance computing (HPC) and Grid Computing SDK, which pool out your technical computing resources to run big data and/or compute-intensive problems. Vulnerability Description: The “login.jsp” servlet in IBM Platform Symphony Developer Edition (DE) 5.2 and 6.1.x through 6.1.1 has hard coded credentials, which allows […]

Read More →

thirty-one individual vulnerabilities. Four Bulletins are classified as Critical and three as important. According to Microsoft’s security bulletin, the most severe and critical vulnerabilities exists in Internet Explorer. Microsoft released two critical patches at last moment for Windows and Forefront Protection for exchange. The three important fixes addresses vulnerabilities in Windows, .NET Framework, XML Core […]

Read More →

RealPlayer is vulnerable to multiple stack based buffer overflow vulnerabilities (CVE-2013-7260). This flaw allows attackers to execute arbitrary code and take complete control of the system remotely. Affected versions of RealPlayer are before 17.0.4.61 on Windows systems. The vulnerability is because of the way ‘version’ and ‘encoding’ attribute in the XML declaration of an RMP […]

Read More →

Adobe released critical security patch for Flash Player. The patch addresses (CVE-2014-0497) an integer underflow vulnerability that can be used to execute arbitrary code. This flaw allows attackers to take complete control of the systems remotely. The Linux and Mac operating systems are affected apart from Windows. Affected versions of Adobe Flash Player are 11.8.x […]

Read More →