Welcome to August's edition of Internet Security News, the monthly risks bulletin detailing the latest Internet software and system vulnerabilities from NTA Monitor, a leading Internet security testing company. It provides a convenient way to keep up to date with the fast changing world of Internet security; this month's edition includes a total of 8 risk issues: 4 High, 2 Medium, 0
Low and 2 Informational.
August 2007
Critical IE and Firefox flaw fixed
(High risk)
A critical flaw that affected both IE and Firefox has been patched. The flaw allowed an attacker to remotely execute malicious code on a machine that runs IE but also has Firefox installed
Read More
|
iPhone vulnerabilities disclosed
(High risk)
At the end of June, Apple's iPhone was released and just 72 hours afterwards, a variety of flaws were publicised
Read More
|
Microsoft's latest patches updated
(High risk)
Microsoft's latest Patch Tuesday addressed six flaws - three critical, two important and one moderate
Read More
|
Critical buffer overflow in Panda's anti-virus program
(High risk)
Panda AntiVirus has a critical buffer overflow vulnerability, which is caused due to a boundary error when parsing .EXE files
Read More
|
XSS flaw found in Oracle's E-Business Suite
(Medium risk)
An input validation vulnerability has been discovered in Oracle's E-Business Suite, which could permit Cross-Site Scripting attacks if successfully exploited
Read More
|
Zero day flaw found in Linux-based Yoggie Pico
(Medium risk)
Senior director at Linux-based Yoggie Pico plays down reports that a recent flaw discovered permits remote code execution
Read More
|
'Horrifying' number of organisations breach data protection rules
(Informational)
According to the Information Commissioner, Richard Thomas, a 'horrifying' number of organisations have breached data protection rules in the last year
Read More
|
Online auction site opens for security flaws
(Informational)
An online auction site has opened for security flaws, enabling researchers who discover vulnerabilities to profit from their findings
Read More
|
About NTA Monitor
This bulletin is produced as a by-product of ongoing research carried out to develop NTA Monitor's Internet security
testing service, Regular Monitor. NTA are a full-service Internet security testing company with a comprehensive range of
testing services including:
- VPN Testing
- Onsite Auditing
- Web Application Test
- War Dialling
- Wireless Infrastructure Testing
- RM Vulnerability Testing
For more information on the above services please see our
services page.