Your search for flaw returned 641 results.

Nine days after version 9.61 was released, the newest browser version patches a major security flaw in the "history search" page. Users are being advised to update their systems after the emergence of a new rash of attacks targeting a previously-patched flaw in Adobe Acrobat. Attacks reported on recently-patched Windows hole. A Swedish security company announced Wednesday that two of its researchers have discovered a 'generic' flaw in the TCP stack that could result in denial-of-service attacks. A DNS design flaw, which could have allowed remote attackers to silently hijack web sessions, prompted Tuesday's release of an unprecedented multivendor patch. The login page for Google Mail can be spoofed so that an attacker can steal a user's credentials. Attackers have posted public exploit code for a zero-day Windows vulnerability that could result in privilege escalation. A security researcher said he has discovered a vulnerability in Google Docs that mysteriously allows private documents to appear in other users' accounts. A gaping hole in the iPhone's security will be fixed next month according to Macworld. The DNS cache poisoning, has got security firms scrambling to provide protection.
Microsoft warned users on Monday of attacks targeting a flaw in Macrovision's digital rights management software. DNS cache poisoning is not just for web browsers anymore. According to researcher Dan Kaminsky, there are a variety of programs that make requests of DNS servers, including games and a number of desktop applications. For the first time in more than three years, Oracle has issued an alert warning customers about a zero-day vulnerability. When researcher Dan Kaminsky reveals details behind the major DNS protocol vulnerability next month at Black Hat, it may not be such a surprise anymore. A major vulnerability in the BlackBerry Attachment Service could result in a takedown of the enterprise server that supports the popular mobile devices.
The recent discovery of a potentially serious Secure Socket Layer (SSL) flaw affecting a popular Linux distribution should act as a wake up call to the open source community, experts warn.. Microsoft on Thursday re-released its June patch for a vulnerability in which Bluetooth-enabled devices could be attacked. Even though a vulnerability in the OpenSSL library used to generate key pairs on Debian-based Linux distributions has been fixed, IT administrators will be hard-pressed to ensure each key is unbreakable, a security researcher said this week. The Internet Corporation for Assigned Names and Numbers (ICANN) has announced the availability of an online FAQ and online tool to help raise awareness for the recently discovered hazardous DNS flaw. A cross-site scripting vulnerability in Yahoo Mail could leave instant messenger users open to attack.