Dark Reading

Hot New OS Flaw: Integer Overflow

This may come as a surprise: Integer overflow is now one of the biggest vulnerabilities reported in vendor operating systems. Buffer overflow maintains its top ranking as the most exploited security ...
eWeek

How to Defend Against Deadly Integer Overflow Attacks

eSpeaks’ Corey Noles talks with Rob Israch, President of Tipalti, about what it means to lead with Global-First Finance and how companies can build scalable, compliant operations in an increasingly ...
Threat Post

Multiple Vulnerabilities in LibXL Library Open Door to RCE Attacks

Hackers using a specially crafted XLS files can trigger several remote code execution vulnerabilities in the LibXL library. Researchers have identified seven vulnerabilities in the LibXL C library, ...
ZDNet

Firefox hit by drive-by download security holes

Mozilla has shipped a mega patch for Firefox to fix a total of 16 security flaws that expose Web surfers to drive-by download, data theft and local bar spoofing attacks. The latest Firefox 3.6.7 ...
GIGAZINE

Pointed out that there is a flaw in the ``CVE'' system that assigns IDs to vulnerabilities and manages them

When a vulnerability that becomes an information security flaw is discovered, it is given an identification ID called CVE (Common Vulnerabilities and Exposures), evaluated for severity, and listed.
ZDNet

X Font Server flaw hits Sun Solaris hard

Default installations of Sun's free Solaris operating system are sitting ducks for remote code execution attacks. According to an alert from iDefense, the flaw exists in the way Solaris implements the ...
Threat Post

Critical DoS Bug Bubbles Up in Facebook Fizz TLS 1.3 Project

Users of the open-source project should upgrade immediately. A critical denial-of-service (DoS) vulnerability in Facebook’s open-source implementation of the transport layer security (TLS) 1.3 ...