Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors.
Monthly Archives: May 2015
CVE-2015-3059
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3053, CVE-2015-3054, CVE-2015-3055, and CVE-2015-3075.
CVE-2015-3060
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074.
CVE-2015-3061
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074.
CVE-2015-3062
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074.
CVE-2015-3063
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074.
CVE-2015-3064
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074.
The surprising fees hackers charge for their services
Hackers advertise their nefarious services to potential customers for as little as $90 for Gmail and $350 to access a target’s Facebook account, reports The Daily Mail.
The post The surprising fees hackers charge for their services appeared first on We Live Security.
SEC Consult SA-20150513-0 :: Multiple critical vulnerabilities in WSO2 Identity Server
Posted by SEC Consult Vulnerability Lab on May 13
SEC Consult Vulnerability Lab Security Advisory < 20150513-0 >
=======================================================================
title: Multiple critical vulnerabilities
product: WSO2 Identity Server
other WSO2 Carbon based products may be affected too
vulnerable version: 5.0.0 (WSO2 Carbon Framework v4.2.0 patch1095)
fixed version: 5.0.0 with patches 1194 and 1095 applied…
How to reduce spam in almost 40%: Follow Canada’s example
It was the year 2004 and Bill Gates dared to predict the spam’s death was near. According to him, in only two years spam wouldn’t be a problem. In 2006 nothing had changed.
Eleven years after that failed prediction, spam continues to flood daily our inbox, with huge amounts of emails in unknown languages with commercial information we hadn’t request.
However, someone somewhere is fighting against this intrusion, and surprisingly, they are winning the battle. We are talking about Canada, where they are trying to eradicate spam by means of law.
In July it will be a year since the Canada’s Anti-Spam Legislation (CASL) came into force and its results have been more that positive: according to a report, in the last ten months the spam received by Canadian Internet Users dropped 37%.
In fact, data go far beyond: the total of the emails received monthly by Canadian users has also dropped (29%) due to the spam reduction.
However, the problem is far from being solved. The CASL fight directly against spam sent from Canada, but can’t do anything when the sender is from another country. We are not talking about the Nigerian prince or Russian gold-diggers; 53% of the spam that Canadians receive actually comes from the United States.
A law to put an end to spam
For fighting against spam the CASL created three requirements about sending commercial emails and imposing hefty fines to any person or company that fails to comply these regulations:
- ‘You must have express or implied consent to send a commercial electronic message’.
- ‘You must clearly identify yourself and the business or organization sending the commercial electronic message’.
- ‘You must include an Unsubscribe mechanism on every commercial electronic message sent’.
Canadian companies that don’t strictly follow these criteria could receive a fine, as has already Compu-Finder, a company that received 26% of spam complaints, was fined for 1 million Canadian dollars (700.000 euros).
Canada has made it clear that there are things that can be done to clean Internet users’ inbox, but also, that without a global legislation the problem will never end.
The post How to reduce spam in almost 40%: Follow Canada’s example appeared first on MediaCenter Panda Security.