(Jan 8) Yury Dyachenko discovered that Zend Framework uses the PHP XML parser in an insecure way, allowing attackers to open files and trigger HTTP requests, potentially accessing restricted information. [More…]
Comment
Archive for January 9th, 2013
6 results.
(Jan 4) joernchen of Phenoelit discovered that rails, an MVC ruby based framework geared for web application development, is not properly treating user-supplied input to “find_by_*” methods. Depending on how the ruby on rails application is using these methods, this allows an attacker [More…]
(Jan 8) Several security issues were fixed in Firefox.
(Jan 8) Several security issues were fixed in Thunderbird.
(Jan 8) Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical [More…]
(Jan 9) An updated Adobe Flash Player package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More…]