Login   |   Secure Purdue > News

Security Issues 6-29-2010

1.)  Social Networks Leak your information, study says...

read more about it here:

http://www.computerworld.com/s/article/9178648/Social_networks_leak_your
_information_study_says?source=rss_security

2.)  Critical Hole closed in PNG reference library

read more about it here:

http://www.h-online.com/security/news/item/Critical-hole-closed-in-PNG-
reference-library-1030043.html

As Sited from the URL above:  "As numerous browsers use libpng to display images, specially crafted web pages could infect visitors' PCs with malicious code. However, the developers say in their advisory that a successful attack depends on how specific applications use libpng. The Mozilla Foundation discovered the flaw, but it is currently not known whether Firefox is among the affected applications. The second flaw involves a memory problem in connection with flawed physical scale values (sCAL chunks) that can potentially cause the application to crash.

3.) Red Hat fyi:  RHSA-2010:0501-2: Critical: firefox security, bug fix, and enhancement
update http://rhn.redhat.com/errata/RHSA-2010-0501.html

4.) For those still using Winamp:  http://www.exploit-db.com/exploits/14068/

5.) MySQL "ALTER DATABASE" Denial of Service -
http://secunia.com/advisories/40333/

6.) From the "say it ain't so homey" category...

http://blog.trendmicro.com/fake-news-of-eminems-death-leads-to-malware/

As Sited from the URL above:  "Malicious spam posing as CBS News is spreading fraudulent news that rap star Eminem died in a car crash. The message asks users if they would like to know more information and provides a link. Visiting the link will attempt to download a variant of Zeus/Zbot to the affected user's machine.

Posted by Cynthia Welch on June 29, 2010, in Handlers Log.