Previous
Flaw exposes Chrome, Firefox to clickjacking
News Security researchers have discovered a flaw affecting Google's Chrome browser that exposes it to clickjacking — where an attacker hijacks a browser's functions by substituting a legitimate link with a link of the attacker's choice.
[January 29, 2009, 7:43]
Flaw lets malicious Web pages attack Windows
News The flaw in the scripting component of the operating system lets attackers run code through the scripting engine as if the program had been executed locally on a PC, allowing them to run their own programs or to take over the system.
[March 20, 2003, 8:21]
Flaw detected in Check Point security
News Two of the most popular pieces of security software on the Internet contain a newly discovered flaw that could enable an intruder to send traffic through a firewall or possibly launch a denial-of-service attack.
[July 11, 2001, 11:07]
Flaw discovered in Symantec firewall
News Researchers have discovered a flaw in Symantec's Raptor firewall that could allow attackers to hijack legitimate communications with a protected system. A weakness in the generation of these ISNs could allow a remote attacker to easily predict...
[August 6, 2002, 11:48]
Flaw found in MS security patch
News A flaw in a software tool just released by Microsoft could lead software developers to inadvertently write programs that are vulnerable to attack, according to security specialists who discovered the flaw.
[February 14, 2002, 14:04]
Flaw threatens major worm attack
News A hacker group has released code designed to exploit a widespread Windows flaw, paving the way for a major worm attack, security researchers warned. In June 2001, his company released details of another Microsoft flaw, in a component of Web server...
[July 28, 2003, 8:55]
Flaw harbours Slammer potential
News A research company warned on Tuesday that an attacker could use a recently patched Microsoft flaw to create a fast-moving worm similar to SQL Slammer, which spread rapidly across the Internet a year ago.
[December 10, 2003, 7:30]
Flaw found in power-plant software
News The flaw in the Wonderware SuiteLink Service, as reported by security researcher Sebastian Muniz from Core Security Technologies, means unauthenticated client programs connecting to the SuiteLink Service prior to version 2.0 patch 1 can send a...
[May 19, 2008, 13:27]
Flaw reported in updated Firefox
News A potential flaw has been reported in the latest version of Mozilla's Firefox web browser, version 2.0.0.12. Vulnerability researcher Ronald van den Heetkamp published a directory traversal flaw in Firefox version 2.0.0.12 on Friday, hours after...
[February 11, 2008, 11:48]
Flaw found in Sony DRM patch
News Sony BMG is replacing a patch for its CD copy-restriction software after Princeton University researchers found a security flaw in the update. Along with the Electronic Frontier Foundation, a digital rights group, the record label released a patch...
[December 9, 2005, 8:05]
Flaw threatens SME security devices
News A flaw affecting eight vendors' Universal Threat Management security appliances was identified by US-based security firm Calyptix last week. One of the affected devices is Check Point's Safe@Office, which on Friday was the only vendor to have...
[July 2, 2007, 17:39]
Flaw threatens source of open source
News It doesn't get much more critical than allowing an attacker to modify source code and secretly plant Trojans, backdoors, and other rogue code -- and those are the kind of activities that can result from this flaw.
[February 10, 2003, 12:52]
EarthLink flaw exposes domains
News Joining several other makers of shopping cart software, Extropia was notified of the flaw in its open-source product on Oct. The vulnerability resulted from a recently discovered flaw in an open-source e-commerce package combined with a...
[October 18, 2000, 7:46]
Trojan exploiting unpatched Office flaw found in the wild
News A new Trojan horse exploits an unpatched flaw in Microsoft Office and could let an attacker commandeer vulnerable computers, security experts have warned. The malicious code takes advantage of a flaw in Microsoft's Jet Database Engine, a...
[October 3, 2005, 8:55]
Report: AT&T flaw exposed customer data
News A flaw on AT&T's Web site has exposed billing and account information for thousands of small businesses to other customers, according to a report by MSNBC.com. Only existing customers who were logged into the system would have been able to exploit...
[January 3, 2001, 11:10]
Fresh IE flaw report probed
News A new flaw in Internet Explorer could be exploited to launch spoof-based attacks, or access and change data on vulnerable machines, security experts have warned. The software maker is not aware of any attacks that take advantage of the flaw, the...
[September 29, 2005, 9:00]
Highly critical flaw found in Office 2007
News Researchers have discovered a "highly critical" security flaw in newly released Office 2007, despite Microsoft's efforts to deliver its most secure version yet of the productivity software. We were surprised we could find a flaw so quickly [after...
[February 26, 2007, 7:33]
Microsoft patches 'important' XP, Windows Server 2003 flaw
News The flaw exists in the way Windows' Help and Support Centre validates information that is sent to it. The patch is posted to the company's security Web site, as is a bulletin outlining the flaw. The announcement of the flaw comes as Microsoft works...
[May 12, 2004, 8:35]
Firefox flaw code published
News The flaw lies in the way the browsers handle International Domain Names, which are Web addresses that use international characters. Hackers had been working to exploit the flaw and had said the code would be released after fixes were available.
[September 23, 2005, 12:15]
Office flaw exploit code published
News Microsoft is investigating the report of a flaw that could open systems using its Access or Office software up to attack. Secunia rated the problem "highly critical", noting that exploit code for the flaw had been shared on a public mailing list.
[April 13, 2005, 10:40]
