Vulnerabilities Galore!

Date: 07 August 2009 Original URL: http://www.auscert.org.au/render.html?cid=7066&it=11446 Greetings, It has been a busy week for security analysts and system administrators alike with vulnerabilities being detected in numerous packages and operating systems. Some updates of note include two from Apple, one being an update for the iPhone which suffered a vulnerability in its handling of SMS messages which could allow the execution of arbitrary code via maliciously crafted SMS messages. The other news from Apple was the release of Mac OS X version 10.5.8, which corrected 18 vulnerabilities in the operating system. Mozilla also released two new versions of Firefox, 3.5.2 and 3.0.13, to correct four vulnerabilities in the browser, which could allow the execution of arbitrary code, and provide misleading information. Another major series of updates came for Sun's Java SE correcting numerous vulnerabilities, with varied impacts, ranging from the execution of arbitrary code, and increased privileges, to the creation or modification of arbitrary files. Regards, Jonathan