Multiple vulnerabilities have been discovered in iCloud for Windows, iOS, iTunes for Windows, macOS High Sierra, Siera, El Capitan, Safari, tvOS and watchOS, the most severe of which could allow for arbitrary code execution. Details of these vulnerabilities are as follows: – Multiple memory corruption issues were addressed with improved memory handling – (CVE-2017-7132) – …
Multiple vulnerabilities have been discovered in OpenOffice, which could allow for arbitrary code execution. OpenOffice is an open-source productivity software suite that contains a word processor, spreadsheet application, presentation application, drawing application, formula editor, and a database management application. Details regarding these vulnerabilities are as below: a) A vulnerability in the OpenOffice Writer DOC file …
Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow an attacker to execute arbitrary code. Details of these vulnerabilities are as below: Version 7.1.11 Bug #75241 (Null pointer dereference in zend_mm_alloc_small()). Bug #75236 (infinite loop when printing an error-message). Bug #75252 (Incorrect token formatting on two parse errors in one …
Oracle informed customers on Friday that its Identity Manager product is affected by a critical vulnerability that can be easily exploited by malicious actors. Part of the company’s Oracle Fusion Middleware offering, Identity Manager is an enterprise identity management system that automatically manages user access privileges across all of the organization’s resources. Oracle Identity Manager …
Researchers at Cisco Talos have discovered three vulnerabilities in Apache OpenOffice that can be exploited by malicious actors for remote code execution using specially crafted document files. Talos has classified the flaws as “high severity” with a CVSS score of 8.3, but the open source software’s developers have assigned them a severity rating of only …
As society becomes more connected and technology more ubiquitous, securing the systems, networks and data on which we rely becomes increasingly important – for individual safety, economic security, and national defense. Digital attacks can now affect critical infrastructure, turn smartphones into monitoring devices, and put the safety of healthcare patients at risk. Read more about …
The spread of new technologies and data analytics, the digitisation of business and increased digital links between organisations and their employees, is expected to escalate tomorrow’s cyber risk as those behind cyberattacks become more sophisticated in their execution and their endeavours are not diminishing. The solution demands a resilient IT security strategy that includes a …
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could result in arbitrary code execution. These vulnerabilities can be exploited if a user visits, or is redirected to, a specially crafted web page. Details of the vulnerabilities are as follows: a)UXSS with MHTML – (CVE-2017-5124) b)Heap overfin Skia – (CVE-2017-5125) c) …
Oracle has released its Critical Patch Update for October 2017 to address 252 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Information on these vulnerabilities and how they can be fixed can be found on the Oracle Website at http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
The number of attacks aimed at websites has increased considerably in the past months, according to a new report published on Monday by SiteLock. SiteLock’s Website Security Insider report, which is based on the analysis of more than 6.3 million sites, shows that there were, on average, 63 attack attempts per day on websites in …