securityadmin's blog

Security updates available for Adobe Illustrator CS4 and CS3

http://www.adobe.com/support/security/bulletins/apsb10-01.html

"Critical vulnerabilities have been identified in Adobe Illustrator CS4
(14.0.0) and Adobe Illustrator CS3 (13.0.3 and earlier versions), on the
Windows and Macintosh operating systems. The vulnerabilities could lead
to arbitrary code execution. Adobe has provided a solution for the
reported vulnerabilities. It is recommended that users update their
installations".

Thanks,
ep

Multiple Vendors libc/gdtoa printf(3) Array Overrun

http://securityreason.com/achievement_securityalert/63

A new version of libc/gdtoa includes an overrun vulnerability. This
core component affects many OSs and programs, including:

OpenBSD
NetBSD
FreeBSD
MacOS X

Google Chrome
Mozilla Firefox
Mozilla SeaMonkey
Opera
KDE
K-Meleon

OS and software updates should be released soon to fix this issue. It
could lead to arbitrary code execution for any of these software titles.

RHEL dbus security update

http://rhn.redhat.com/errata/RHSA-2010-0018.html

"It was discovered that the Red Hat Security Advisory RHSA-2009:0008 did
not correctly fix the denial of service flaw in the system for sending
messages between applications. A local user could use this flaw to send a
message with a malformed signature to the bus, causing the bus (and,
consequently, any process using libdbus to receive messages) to abort.
(CVE-2009-1189)

Security updates available for Adobe Illustrator CS4 and CS3

http://www.adobe.com/support/security/bulletins/apsb10-01.html

"Critical vulnerabilities have been identified in Adobe Illustrator CS4
(14.0.0) and Adobe Illustrator CS3 (13.0.3 and earlier versions), on the
Windows and Macintosh operating systems. The vulnerabilities could lead
to arbitrary code execution. Adobe has provided a solution for the
reported vulnerabilities. It is recommended that users update their
installations".

Thanks,
ep

Multiple Vendors libc/gdtoa printf(3) Array Overrun

http://securityreason.com/achievement_securityalert/63

A new version of libc/gdtoa includes an overrun vulnerability. This
core component affects many OSs and programs, including:

OpenBSD
NetBSD
FreeBSD
MacOS X

Google Chrome
Mozilla Firefox
Mozilla SeaMonkey
Opera
KDE
K-Meleon

OS and software updates should be released soon to fix this issue. It
could lead to arbitrary code execution for any of these software titles.

RHEL dbus security update

http://rhn.redhat.com/errata/RHSA-2010-0018.html

"It was discovered that the Red Hat Security Advisory RHSA-2009:0008 did
not correctly fix the denial of service flaw in the system for sending
messages between applications. A local user could use this flaw to send a
message with a malformed signature to the bus, causing the bus (and,
consequently, any process using libdbus to receive messages) to abort.
(CVE-2009-1189)

Pages