Re: Resolved - NNT Change Tracker - Hard-Coded Encryption Key Originally posted as http://seclists.org/fulldisclosure/2011/May/460

2011-07-01 Thread dennis . brunnen
As is probably obvious to other readers, I did indeed notify NNT by email of the vulnerability before making it public - as mentioned in my initial disclosure. I'm not sure what possible reason anyone would have to say that if it were not true. Glad to see you apparently did the right thing and

NGS00057 Technical Advisory: Apple Mac OS X ImageIO Integer Overflow

2011-07-01 Thread Research@NGSSecure
=== Summary === Name: Apple Mac OS X ImageIO TIFF Integer Overflow Release Date: 28 June 2011 Reference: NGS00057 Discoverer: Dominic Chell Vendor: Apple Vendor Reference: 142522746 Systems Affected: Mac OS X v10.6 through v10.6.6, Mac OS X Server v10.6 through v10.6.6. This issue does no

APPLE-SA-2011-06-28-2 Java for Mac OS X 10.5 Update 10

2011-07-01 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 APPLE-SA-2011-06-28-2 Java for Mac OS X 10.5 Update 10 Java for Mac OS X 10.5 Update 10 is now available and addresses the following: Java Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8 Impact: Multiple vulnerabilities in Java 1.6.0_24 De

Joomla! 1.6.3 and lower | Multiple Cross Site Scripting (XSS) Vulnerabilities

2011-07-01 Thread YGN Ethical Hacker Group
Joomla! 1.6.3 and lower | Multiple Cross Site Scripting (XSS) Vulnerabilities 1. OVERVIEW Joomla! 1.6.3 and lower are vulnerable to multiple Cross Site Scripting issues. 2. BACKGROUND Joomla is a free and open source content management system (CMS) for publishing content on the World Wide We

[slackware-security] pidgin (SSA:2011-178-01)

2011-07-01 Thread Slackware Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [slackware-security] pidgin (SSA:2011-178-01) New pidgin packages are available for Slackware 12.2, 13.0, 13.1, 13.37, and -current to fix a security issue. Here are the details from the Slackware 13.37 ChangeLog: +--+ patc