SQL injection vulnerability in the rate_picture function in include/functions_rate.inc.php in Piwigo before 2.5.5, 2.6.x before 2.6.4, and 2.7.x before 2.7.2 allows remote attackers to execute arbitrary SQL commands via the rate parameter to picture.php, related to an improper data type in a comparison of a non-numeric value that begins with a digit.
Monthly Archives: December 2014
CVE-2014-9412 (access_manager)
Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Manager (NAM) 4.x before 4.1 allow remote attackers to inject arbitrary web script or HTML via (1) an arbitrary parameter to roma/jsp/debug/debug.jsp or (2) an arbitrary parameter in a debug.DumpAll action to nps/servlet/webacc, a different issue than CVE-2014-5216.
Improve your smartphone battery life with smart profiles
We’ve just released a new update to our AVG Cleaner for Android PRO.
In version 2.2.1 we’ve tweaked one of your favorite features, Battery Profiles, and now support Android L to help you clean up, speed up and especially boost battery life even better than before and on all the bleeding-edge devices out there.
So what’s new?
Despite that it started out as a cleaning app, we’ve made it a super-powerful tool to help you speed up and boost the battery life of your Android and even tell which apps drain your devices mobile data traffic, battery and storage. We’ve continued this tradition in our latest update even more.
Smarter Battery Savings with Battery Profiles
First and foremost, for the folks who love to improve battery life manually, we added a new button called “Choose Manual Settings” which puts you in charge of what features and built-in devices of your Android can drain your battery, such as Wi-Fi, Bluetooth, Mobile Data or the automatic synchronization of your files:
As you can see, we’ve also added new “On/Off” buttons to make it more clear what’s enabled and what’s not – the green indicator now shows you exactly how much battery life you can save with each tweak.
Plus, there’s a new profile called “Low Battery” which is available in the PRO version and kicks in when battery life hits a certain threshold, such as “20%” (you have to run it once and then set it up):
That’s super important when you’re nowhere near a power outlet and the phone is running on fumes. It saved my digital life more than once…
Overall, we’ve also made the “Profiles” easier to set up. Once you select a profile for the first time, such as “Car” (for when you’re on the road), we’ll walk you through what conditions and settings you can set up. In the example of car, I set it up so that AVG Cleaner for Android always disables Wi-Fi, auto-sync, screen rotation and screen time-out whenever it’s connected to the Bluetooth of my car:
That’s because I don’t need any Wi-Fi in my car. Plus, I’m using the phone as my GPS so I don’t want the screen rotating randomly or turning itself off after a while.
Download AVG Cleaner for Android now.
AVG CloudCare wins VB100 antivirus award
AVG CloudCare™ is a platform that simplifies IT management for the small and medium-sized business. It protects devices, data and people with a set of flexible services that you can manage remotely from any web browser. Activate or deactivate services, roll out policies, install software, and simply take care of issues, all in a single platform.
The importance of independent reviews on products designed for the SMB’s is that these businesses do not have the time and resource, nor the inclination in many cases, to research which solution will give them the security and reliability that their business requires.
In large enterprises teams of IT professionals evaluate multiple products and select based on criteria that their business demands. In small organisations the requirement to have a solution that answers the business needs does not change but the ability to research a market does differ.
Most SMB organizations trust their IT security to a partner, a reseller or consulting company that provides them the services and selection of products that an enterprise IT department would. The fact that the purchaser can easily validate the proposal from their IT partner by looking to see what accolades and awards the solution being offered has achieved makes the decision process much simpler.
VB100 is a comparative review conducted by Virus Bulletin, who put antivirus solutions through their paces with rigorous testing. In this case the testing was for servers running Windows Server 2008 R2 SP1.
Try AVG CloudCare free for 30 days
APPLE-SA-2014-12-22-1 OS X NTP Security Update
From: Apple Product Security
Reply to list
APPLE-SA-2014-12-22-1 OS X NTP Security Update OS X NTP Security Update is now available and addresses the following: ntpd Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1 Impact: A remote attacker may be able to execute arbitrary code [...]
GLSA 201412-32 (Normal): sendmail
sendmail: Information disclosure
GLSA 201412-33 (High): pdns-recursor
PowerDNS Recursor: Multiple vulnerabilities
FreeBSD-SA-14:31.ntp
RHSA-2014:2031-1: Important: kernel security update
Red Hat Enterprise Linux: Updated kernel packages that fix one security issue are now available for
Red Hat Enterprise Linux 5.6 Long Life.
Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
CVE-2014-9322
RHSA-2014:2030-1: Important: kernel security update
Red Hat Enterprise Linux: Updated kernel packages that fix one security issue are now available for
Red Hat Enterprise Linux 6.4 Extended Update Support.
Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
CVE-2014-9322