Blogs

Poppler Embedded Fonts Processing Vulnerability

http://secunia.com/advisories/29836/ - Poppler is a PDF rendering engine used by xpdf, evince and other tools. There is a system compromise vulnerability that can be exploited by processing malicious PDF files. RedHat has released poppler-0.5.4-4.4 to fix this vulnerability. It is suggested to test and update to this version during the next outage window.

Nagios Plugins Long Location Header Buffer Overflow Vulnerability

http://secunia.com/advisories/27124/ - A vulnerability in the plugins for Nagios could lead to system compromise. Successful exploitation requires that a connection is made to a malicious web server. This affects versions prior to 1.4.10. Fedora just released updates for nagios-plugins for Fedora 7 and Fedora 8.

Multiple Firefox vulnerabilities could lead to system compromise

http://www.mozilla.com/en-US/firefox/2.0.0.14/releasenotes/ - Multiple vulnerabilities were found in version 2.0.0.12 and 2.0.0.13 which could lead to many different types of information disclosure, cross site scripting and possibly even system compromise. It is recommended to update to v2.0.0.14 at the next outage window. It is also noted that v1.5.x of Firefox has not been supported for almost a year and upgrading to 2.0 is highly recommended.

Multiple Firefox vulnerabilities could lead to system compromise

http://www.mozilla.com/en-US/firefox/2.0.0.14/releasenotes/ - Multiple vulnerabilities were found in version 2.0.0.12 and 2.0.0.13 which could lead to many different types of information disclosure, cross site scripting and possibly even system compromise. It is recommended to update to v2.0.0.14 at the next outage window. It is also noted that v1.5.x of Firefox has not been supported for almost a year and upgrading to 2.0 is highly recommended.

Multiple Firefox vulnerabilities could lead to system compromise

http://www.mozilla.com/en-US/firefox/2.0.0.14/releasenotes/ - Multiple vulnerabilities were found in version 2.0.0.12 and 2.0.0.13 which could lead to many different types of information disclosure, cross site scripting and possibly even system compromise. It is recommended to update to v2.0.0.14 at the next outage window. It is also noted that v1.5.x of Firefox has not been supported for almost a year and upgrading to 2.0 is highly recommended.

Pages