Your search for flaw returned 612 results.

A DNS design flaw, which could have allowed remote attackers to silently hijack web sessions, prompted Tuesday's release of an unprecedented multivendor patch. DNS cache poisoning is not just for web browsers anymore. According to researcher Dan Kaminsky, there are a variety of programs that make requests of DNS servers, including games and a number of desktop applications. For the first time in more than three years, Oracle has issued an alert warning customers about a zero-day vulnerability. When researcher Dan Kaminsky reveals details behind the major DNS protocol vulnerability next month at Black Hat, it may not be such a surprise anymore. A gaping hole in the iPhone's security will be fixed next month according to Macworld. The DNS cache poisoning, has got security firms scrambling to provide protection.
Microsoft warned users on Monday of attacks targeting a flaw in Macrovision's digital rights management software. The Internet Corporation for Assigned Names and Numbers (ICANN) has announced the availability of an online FAQ and online tool to help raise awareness for the recently discovered hazardous DNS flaw. A cross-site scripting vulnerability in Yahoo Mail could leave instant messenger users open to attack. A vulnerability discovered in SCADA could grant a remote attacker control over critical infrastructure, researchers said on Wednesday.
The recent discovery of a potentially serious Secure Socket Layer (SSL) flaw affecting a popular Linux distribution should act as a wake up call to the open source community, experts warn.. A flaw in WordPress 2.x rated "highly critical" was posted today. A just discovered vulnerability in Microsoft's FTP client can allow a malicious user to crash the application via a malware-laced social engineering attack. A major vulnerability in the BlackBerry Attachment Service could result in a takedown of the enterprise server that supports the popular mobile devices.
Microsoft on Thursday re-released its June patch for a vulnerability in which Bluetooth-enabled devices could be attacked. Users are being urged to update their copies of Mozilla's Thunderbird and SeaMonkey email applications after the disclosure of a serious security flaw.. Even though a vulnerability in the OpenSSL library used to generate key pairs on Debian-based Linux distributions has been fixed, IT administrators will be hard-pressed to ensure each key is unbreakable, a security researcher said this week. Microsoft is warning of a new vulnerability in Windows that could permit privilege escalation. An error in the way in which the Firefox and Opera browsers handle image files could allow an attacker to export a user's web history or crash the Firefox browser, a Polish researcher and US-CERT have warned. Users who remain vulnerable to an ActiveX photo uploader vulnerability used on many websites are now being targeted in active attacks, researchers from Symantec said today.