Focus on Apple Mode:
(Page 2 of 26)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
BA-Con 2008 CFP - Buenos Aires, Sept. 30 / Oct. 1 (closes July 11 2008) 2008-06-27
Dragos Ruiu (dr kyx net)
BA-Con 2008 CALL FOR PAPERS

BUENOS AIRES, Argentina -- The first annual BA-Con applied
technical security conference - where the eminent figures in the
international and South American security industry will get together
and share best practices and technology - will be held in Buen

[ more ]  [ reply ]
Apple releases Safari 3.2.1 for Windows 2008-06-19
Todd Woodward (todd_woodward symantec com)
Apple today released "APPLE-SA-2008-06-19 Safari v3.1.2 for Windows".

It addresses the following issues:

Safari

Type: Inadvertent information disclosure; maliciously crafted BMP or GIF
images
Resolution: Additional BMP and GIF image validations
Credit: Gynvael Coldwind of Hispasec

Type: Arbitrar

[ more ]  [ reply ]
Apple releases QuickTime 7.5 2008-06-10
Todd Woodward (todd_woodward symantec com)
Apple today released QuickTime 7.5, which addresses a number of security
issues.

Type: Unexpected application termination; arbitrary code execution;
maliciously crafted PICT
Platform: Windows Vista, XP SP2
Resolution: Improved bounds checking.
Credit: Dyon Balding of Secunia Research

Type: Unexpec

[ more ]  [ reply ]
"Mac OS X Security Configuration for Version 10.5 Leopard" 2008-06-06
David Harley (david a harley gmail com)
I don't think this has been mentioned on the list.

http://images.apple.com/server/macosx/docs/Leopard_Security_Config_20080
530.
pdf

--
David Harley CISSP, Research Author
ESET LLC - http://www.eset.com
Blogs - http://www.eset.com/threat-center/blog/index.php;
http://blog.isc2.org
AVIEN Chief O

[ more ]  [ reply ]
Apple releases Mac OS X 10.5.3 and Security Update 2008-003 2008-05-29
Todd Woodward (todd_woodward symantec com)
Apple today released Mac OS X 10.5.3, Mac OS X Server 10.5.3 and
Security Update 2008-003.

The updates address the following potential issues:

(Please insert "potential", "could" and "may" where appropriate.)

AFP Server

Issue: Files that are not designated for sharing may be accessed
remotely
S

[ more ]  [ reply ]
CfP hack.lu 2008 2008-05-20
hack.lu 2008 (2008 hack lu)
Call for Papers Hack.lu 2008

The purpose of the hack.lu convention is to give an open and free
playground where people can discuss the implication of new technologies
in society.

hack.lu is a balanced mix convention where technical and non-technical
people can meet each others and share freely

[ more ]  [ reply ]
CFP For HITBSecConf2008 - Malaysia Now Open 2008-05-17
Praburaajan (prabu hackinthebox org)
CFP For HITBSecConf2008 - Malaysia Now Open

Hello from Malaysia!

The Call for Papers (CFP) for the 6th Hack In The Box Security
Conference in Malaysia (27th - 30th October 2008) is now open.

We've got some really cool stuff lined up this year including an
open-hack competition for charity, a th

[ more ]  [ reply ]
EUSecWest CFP Closes April 14th (conf May 21/22 2008) 2008-04-10
Dragos Ruiu (dr kyx net)
(We've moved the conference this year to the a club
in Leicester Square in the heart of London and SoHo.
We'll be putting speakers up across the square at the
Radisson Edwardian Hampshire, but there are lots of
hotels in the region there in the center of London
for those who want to attend (the ve

[ more ]  [ reply ]
CanSecWest 2008 PWN2OWN - Mar 26-28 2008-03-21
Dragos Ruiu (dr kyx net)

-- Calendar Notes:
===========

PacSec 2008 will be on November 12/13 in Tokyo at Aoyama Diamond Hall.

EUSecWest 2008 will be on May 21/22 at a fun new venue in central London.
(We cooked this schedule up so it will enable people to fly to Berlin on
the 23rd and make FX's ph-neutral on Saturday t

[ more ]  [ reply ]
CanSecWest 2008 Mar 26-28 2008-02-22
Dragos Ruiu (dr kyx net)
CanSecWest 2008 Presentations

Snort 3.0 - Marty Roesch, Sourcefire

Cross-Site Scripting Vulnerabilities in Flash Authoring Tools - Rich
Cannings, Google

Proprietary RFID Systems - Jan "starbug" Krissler and Karsten Nohl, CCC

Media Frenzy: Finding Bugs in Windows Media Software - Mark Dowd and

[ more ]  [ reply ]
Apple releases minor updates to 2007-009 Security Update and Safari 3 Beta 3.0.4 Update 2007-12-23
Todd Woodward (todd_woodward symantec com)
On Friday, December 21, 2007, Apple released two security updates.

Security Update 2007-009 1.1 is a minor revision to address an "unexpected termination of the Safari application when browsing to certain web sites." Apple notes that "There is no change to the security content provided in Security

[ more ]  [ reply ]
Apple OS X Software Update Vulnerability and APPLE-SA-2007-12-17 2007-12-17
Todd Woodward (todd_woodward symantec com) (2 replies)
On BugTraq, Moritz Jodeit describes in detail a Mac OS X Software Update Remote Command Execution Vulnerability:

http://www.securityfocus.com/archive/1/485237/30/0/threaded

This issue appears to be resolved in Security Update APPLE-SA-2007-12-17 which was released via Software Update today for Mac

[ more ]  [ reply ]
Re: Apple OS X Software Update Vulnerability and APPLE-SA-2007-12-17 2007-12-18
Derek Chesterfield (dez mac com) (1 replies)
Fwd: Apple OS X Software Update Vulnerability and APPLE-SA-2007-12-17 2007-12-18
Derek Chesterfield (dez mac com) (1 replies)
Re: Apple OS X Software Update Vulnerability and APPLE-SA-2007-12-17 2007-12-18
Kevin Finisterre \(lists\) (kf_lists digitalmunition com) (1 replies)
RE: Apple OS X Software Update Vulnerability and APPLE-SA-2007-12-17 2007-12-18
Todd Woodward (todd_woodward symantec com)
RE: Apple OS X Software Update Vulnerability and APPLE-SA-2007-12-17 2007-12-17
Todd Woodward (todd_woodward symantec com)
Apple releases Java Release 6 for Mac OS X 10.4 with security updates 2007-12-16
Todd Woodward (todd_woodward symantec com)
On Friday, December 14th, 2007, Apple released Java Release 6 for Mac OS X 10.4 ("APPLE-SA-2007-12-14") which addresses a number of security issues:

* Keychain vulnerability via Java app
* Java 1.4.2_16 update to resolve multiple Java 1.4 vulnerabilities
* J2SE 1.5.0_13 update to resolve multiple J

[ more ]  [ reply ]
Apple releases QuickTime 7.3.1 update: Addresses three pressing security issues 2007-12-14
Todd Woodward (todd_woodward symantec com)
Apple Inc. today released QuickTime 7.3.1 for Mac OS X (client and Server) 10.3.9, 10.4.9, 10.5 and Windows XP /Vista. This update addresses the following issues:

* RTSP buffer overflow that could lead to unexpected application termination or arbitrary code execution
* QTL file heap buffer overflow

[ more ]  [ reply ]
Second zero-day QuickTime vulnerability 2007-12-05
Todd Woodward (todd_woodward symantec com)
Over on bugtraq "Juha-Matti" wrote:

The QuickTime RTSP vulnerability reported on 23th Nov is not the only unpatched remote vulnerability in QuickTime player.

It appears that WabiSabiLabi team has reported that there is another (they call it zero-day vuln) flaw too, affecting to XP systems.

The CV

[ more ]  [ reply ]
Mac OS X Dashboard Widget Vulnerabilities? 2007-12-04
Todd Woodward (todd_woodward symantec com) (1 replies)
Over on bugtraq, there's an interesting new thread regarding vulnerabilities in Mac OSX widgets.

http://www.securityfocus.com/archive/1/484542/30/0/threaded
http://www.securityfocus.com/archive/1/484567/30/0/threaded

Essentially, widgets can "relax the Dashboard's JavaScript sandbox to enable the

[ more ]  [ reply ]
Re: Mac OS X Dashboard Widget Vulnerabilities? 2007-12-05
Don (drhodes mail colgate edu) (2 replies)
Re: Mac OS X Dashboard Widget Vulnerabilities? 2007-12-05
Derek Chesterfield (dez mac com) (1 replies)
Re: Mac OS X Dashboard Widget Vulnerabilities? 2007-12-05
Don (drhodes mail colgate edu) (1 replies)
Re: Mac OS X Dashboard Widget Vulnerabilities? 2007-12-06
Mark Senior (senatorfrog gmail com) (1 replies)
Re: Mac OS X Dashboard Widget Vulnerabilities? 2007-12-09
Tyrel McMahan (tyrel mcmahan gmail com)
Re: Mac OS X Dashboard Widget Vulnerabilities? 2007-12-05
Mark Senior (senatorfrog gmail com)
RE: QuickTime exploited by media-handling flaw 2007-11-30
Juha-Matti Laurio (juha-matti laurio netti fi) (1 replies)
US-CERT has released its Technical Cyber Security Alert TA07-334A entitled "Apple QuickTime RTSP Buffer Overflow" today too.

Link:
http://www.us-cert.gov/cas/techalerts/TA07-334A.html

- Juha-Matti

Todd Woodward <todd_woodward (at) symantec (dot) com [email concealed]> kirjoitti:
> For those with any link issues, here are a

[ more ]  [ reply ]
Re: QuickTime exploited by media-handling flaw 2007-12-13
Rick Mann (rmann latencyzero com)
(Page 2 of 26)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus