arbitrary code execution

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Apple plugs code execution, phishing holes in Safari browser

Apple has released Safari 4.0.3 to fix at least six security vulnerabilities that put Mac and Windows users at risk of hacker attacks. The update is considered highly-critical and should be immediately applied on both Windows and Mac systems because of the risk of information disclosure, phishing...

Tags: Apple Macintosh, Apple Safari, Microsoft Windows Vista, Apple Inc., Web Site, Web Browser, Arbitrary Code Execution, Application Termination, Browser Version, Phishing, Microsoft Windows, Apple Mac OS X, Microsoft Windows Vista (Longhorn), Apple Mac OS, Microsoft Windows XP, Web Site Development, Cyberthreats, Operating Systems, Security, Spam And Phishing, Software, Internet, Ryan Naraine

Blog posts 2009-08-12

Apple warns of Mac attack risk via image files

Apple today warned that opening or viewing image files could lead to remote code execution attacks against Mac OS X users. In an update that contains fixes for a total of 19 documented vulnerabilities, Apple said malicious hackers could rig PNG Portable Network Graphics and other images...

Tags: Apple Macintosh, Apple Inc., Arbitrary Code Execution, Image, PNG, Attack, Application Termination, OpenEXR, Ryan Naraine

Blog posts 2009-08-05

Adobe patches 13 critical Reader, Acrobat vulnerabilities

Adobe has issued its first ever scheduled quarterly update for its Reader/Acrobat product line, a mega-patch covering 13 documented security vulnerabilities. The patches address "critical vulnerabilities" in Adobe Reader 9.1.1 and Acrobat 9.1.1 and earlier versions.  "These vulnerabilities would cause the application to crash and could potentially...

Tags: Adobe Systems Inc., Adobe Acrobat, Vulnerability, Update, Arbitrary Code Execution, Memory Corruption Vulnerability, Security, Ryan Naraine

Blog posts 2009-06-09

Apple plugs gaping QuickTime security holes

Apple today released QuickTime 7.6.2 with fixes for a variety of security vulnerabilities, some of which could lead to arbitrary code execution attacks. The update, available for Mac OS X, Windows XP and Windows Vista, covers a total of 10 documented vulnerabilities that could be exploited via...

Tags: Security, Apple QuickTime, Movie, Apple Inc., Arbitrary Code Execution, Buffer-overflow, Application Termination, Digital Music, Digital Media, Personal Technology, Consumer Electronics, Ryan Naraine

Blog posts 2009-06-01

Apple Patch Day: 67 Mac OS X, Safari vulnerabilities

On the same day Microsoft shipped a bundle of patches for gaping holes in its PowerPoint software, Apple followed suit, dropping a monster Mac OS X update to correct 67 security vulnerabilities. The sudden Apple Patch Day also included a patch to cover a trio of flaws...

Tags: Apple Macintosh, Apple Safari, Vulnerability, Apple Inc., Arbitrary Code Execution, Apple Mac OS X, Apple Mac OS, Operating Systems, Security, Software, Ryan Naraine

Blog posts 2009-05-12

Apple plugs 21 Mac OS X security holes

Apple has released a peck of patches to cover at least 21 documented security vulnerabilities affecting Mac OS X users. With its eighth security update for 2008, the company shipped fixes for flaws that could lead to remote code execution and denial-of-service attacks .  The patch batch...

Tags: Apple Macintosh, Update, Apple Inc., Issue, Arbitrary Code Execution, Apple Mac OS X, Apple Mac OS, Operating Systems, Security, Software, Ryan Naraine

Blog posts 2008-12-15

Firefox tops list of 12 most vulnerable apps

Mozilla's flagship Firefox browser has earned the dubious title of the most vulnerable software program running on the Windows platform. According to application whitelisting vendor Bit9, Firefox topped the list of 12 widely deployed desktop applications that suffered through critical security vulnerabilities in 2008.  These flaws exposed...

Tags: Mozilla Firefox, Attacker, Vulnerability, JRE, Arbitrary Code Execution, Buffer-overflow, Security, Viruses And Worms, Ryan Naraine

Blog posts 2008-12-15

iPhone update kills 12 security bugs

Apple has released iPhone OS 2.2 with patches for 12 documented security flaws, some very serious. The vulnerabilities covered by the patch which also affect iPod Touch could allow remote code execution, information theft, software crashes and weakened encryption settings. The skinny on this...

Tags: Apple iPhone, Security, Issue, SMS, Arbitrary Code Execution, Security Bug, Application Termination, Text Messaging/SMS/MMS, Telephony, Cellular Phones, Consumer Electronics, Personal Technology, Online Communications, Networking, Ryan Naraine

Blog posts 2008-11-21

Sun plugs holes in StarOffice

Two weeks after the OpenOffice.org team shipped patches for code execution flaws in office suite, Sun Micrososystems has followed up with a high-priority update for StarOffice, which is based on the open-source code. Sun's patch, available for Windows, Linux and Solaris, address highly-critical vulnerabilities that could expose...

Tags: Sun Microsystems Inc., OpenOffice.org, Arbitrary Code Execution, StarOffice, OpenOffice, Patches, Open Source, Office Suites, Software, Ryan Naraine

Blog posts 2008-11-14

Apple fixes 12 Safari security flaws

Apple has release Safari 3.2 to fix at least a dozen security flaws, some very serious. The update, available for Windows XP, Windows Vista and Mac OS X Tiger and Leopard, address vulnerabilities that could be exploited to take full control of a compromised machine. ...

Tags: Apple Safari, Apple Inc., Arbitrary Code Execution, Buffer-overflow, TIFF, Application Termination, Security, Viruses And Worms, Ryan Naraine

Blog posts 2008-11-13

Apple ships patch for iLife security flaws

Apple has shipped a major iLife security update to fix three documented vulnerabilities that could expose Mac OS X users to arbitrary code execution attacks. The flaws patched with the new iLife Support 8.3.1 could be exploited via specially crafted TIFF or JPEG images, Apple warned in...

Tags: Security, Apple Macintosh, Apple iLife, Apple Inc., Arbitrary Code Execution, Image, TIFF, Application Termination, Apple Mac OS, Operating Systems, Software, Ryan Naraine

Blog posts 2008-11-10

Mac OS X Patch Day: 40 security flaws fixed

Apple has shipped another whopper of a patch to cover a total of 40 documented vulnerabilities affecting the Mac OS X ecosystem. The Security Update 2008-007, available for Tiger and Leopard, covers a range of third-party components and Mac OS X flaws that could users at risk...

Tags: Apple Macintosh, Vulnerability, Arbitrary Code Execution, Application Termination, Apple Mac OS X, Security, Operating Systems, Software, Apple Mac OS, Ryan Naraine

Blog posts 2008-10-09

Apple mega-patch covers 34 Mac OS X security issues

Apple has shipped another mega-update to address security vulnerabilities affecting Mac OS X users, warning that the most serious issues could lead to arbitrary code execution attacks. The update, available for Tiger and Leopard, addresses a total of 34 documented vulnerabilities, some in third-party components like ClamAV,...

Tags: Security, Apple Mac OS, Apple Macintosh, Password, DNS, Apple Inc., Apple Mac OS X, Arbitrary Code Execution, Application Termination, CVE-2008-1382, Domain Names, Networking, Internet, Ryan Naraine

Blog posts 2008-09-15

Apple plugs gaping QuickTime security holes

Apple today released a major makeover to its iTunes and QuickTime software products, fixing at least 11 documented security vulnerabilities that could lead to Mac and PC takeover attacks. QuickTime 7.5.5, which should be considered an "extremely critical" update, address nine different vulnerabilities that could cause some...

Tags: Security, Apple Macintosh, Apple QuickTime, Microsoft Windows XP, Service Pack 2, Movie, SP3, Microsoft Windows Vista, Apple Inc., Arbitrary Code Execution, Apple iTunes, Application Termination, Movie File, PICT, Apple Mac OS X, Apple Mac OS, Microsoft Windows XP Service Pack 2, Digital Music, Digital Media, Microsoft Windows, Operating Systems, Software, Personal Technology, Consumer Electronics, Ryan Naraine

Blog posts 2008-09-09

Apple finally ships DNS flaw fix, patches 16 other Mac OS X holes

[ UPDATE: nCircle Andrew Storms reports that the DNS client on the OSX 10.4.11 distribution still has not been patched.  ] Apple has shipped a Mac OS X security update with patches for at least 17 documented vulnerabilities, including a fix for the serious DNS...

Tags: Apple Macintosh, DNS, Patch Management, Apple Inc., Issue, Arbitrary Code Execution, Flaw, Application Termination, Apple Mac OS X, Apple Mac OS, Domain Names, Operating Systems, Software, Internet, Ryan Naraine

Blog posts 2008-07-31

Apple ships (long overdue) iPhone security patches

Finally, after months of waiting, iPhone users finally get security fixes for a batch of known software vulnerabilities. The latest iPhone 2.0 and iPod Touch 2.0 update patches at least 13 documented vulnerabilities, including several code execution holes in the Safari mobile Web browser. The...

Tags: Apple iPhone, Apple Safari, JavaScript, Apple Inc., Web Site, Arbitrary Code Execution, Application Termination, Memory Corruption, Web Site Development, Web Technology, Security, Internet, Ryan Naraine

Blog posts 2008-07-11

Apple releases patches for dangerous QuickTime flaws in Apple TV 2.1 product

Apple released patches for its Apple TV 2.1 product yesterday. Some of you might be saying, why do I care, I don't use Apple TV. Well, if you do use Apple TV, you obviously should care as some of these are very serious flaws, but if you don't,...

Tags: Apple QuickTime, Movie, Patch Management, Apple Inc., Issue, Apple TV, Arbitrary Code Execution, Flaw, IMPACT, CVE-ID, Application Termination, Nathan McFeters

Blog posts 2008-07-11

Apple plugs 25 Mac OS X security vulnerabilities

Apple has shipped another Mac OS X monster update to fix a total of 25 documented vulnerabilities that could lead to arbitrary code execution attacks. With Security Update 2008-004, Apple fixes code execution flaws in Launch Services, SMB File Server, System Configuration, VPN and WebKit. ...

Tags: Security, Apple Macintosh, Apple Inc., Arbitrary Code Execution, Small And Medium Business, Apache Tomcat, Application Termination, Apple Mac OS X, Apple Mac OS, Smb/Sme, Operating Systems, Software, Ryan Naraine

Blog posts 2008-06-30

Apple plugs eight more QuickTime holes

Apple today shipped its fifth QuickTime security update for 2007, patching at least eight vulnerabilities that could cause code execution attacks on Mac OS X, Windows XP and Windows Vista systems.The skinny, according to this Cupertino alert:CVE-2007-2295 -- A memory corruption issue exists in QuickTime's handling of H.264 movies....

Tags: Apple, Botnets, Browsers, Data theft, Exploit code, Metasploit, Microsoft, Mozilla, Passwords, Patch Watch, Pen testing, Responsible disclosure, Rootkits, Spam and Phishing, Spyware and Adware, Viruses and Worms, Vulnerability research, Zero-day attacks

Blog posts 2007-07-11

Serious QuickTime bugs bite Windows Vista, Mac OS X

Multiple flaws in Apples QuickTime media player could put millions of Windows and Mac users at risk of code execution attacks, Apple confirmed in an advisory issued today.A mega-update from Cupertino plugs a total of eight code execution vulnerabilities in QuickTime, all affecting Windows Vista, Microsofts new operating system. The...

Tags: Digital rights management, Pen testing, Viruses and Worms, Exploit code, Spyware and Adware, Spam and Phishing, Vulnerability research, Rootkits, Windows Vista, Microsoft, Apple, Patch Watch, Hackers

Blog posts 2007-03-05