The 2016 Kaspersky Lab Corporate IT Security Risks survey found that only 36 percent of small businesses (up to 50 employees) worldwide worry about their staff’s carelessness leading to a cyberattack, while more than half of medium-sized businesses (53 percent) and large enterprises (51 percent) consider it a concern.
Monthly Archives: December 2016
CVE-2016-9836
The file scanning mechanism of `JFilterInput::isFileSafe()` in Joomla! CMS before 3.6.5 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to upload and execute files with the `.php6`, `.php7`, `.phtml`, and `.phpt` extensions. Additionally, `JHelperMedia::canUpload()` does not blacklist these file extensions as uploadable file types. (CVSS: 7.5) (Last Update: 2016-12-06)
Vuln: Adobe Flash Player and AIR (CVE-2010-2214) Unspecified Memory Corruption Vulnerability
Vuln: Adobe Flash Player and AIR (CVE-2010-2213) Multiple Unspecified Memory Corruption Vulnerabilities
Vuln: Adobe Flash Player and AIR (CVE-2010-2216) Unspecified Memory Corruption Vulnerability
Vuln: Linux Kernel 'kvm/emulate.c' Information Disclosure Vulnerability
GLSA 201612-11: Chromium: Multiple vulnerabilities
GLSA 201612-12: Patch: Denial of Service
GLSA 201612-13: nghttp2: Denial of Service
Vuln: IBM Integration Bus CVE-2016-8918 Security Bypass Vulnerability