Category: Security Advisories
10/10/07
Formal Response and Work Around for Adobe Acrobat Vulnerability (CVE-2005-5020)
Adobe has issued a formal response and work-around for the Acrobat and Acrobat Reader vulnerability reported by Petero Pekov and discussed in a previous Priveon Labs post. Based upon Adobe's response, the issue seems to be a URI handling bug that specif… more »
09/21/07
Reported Adobe Acrobat Vulnerability
Petko Petkov, a penetration tester says that Adobe Acrobat Reader files contain a serious vulnerability.
Petko states on his blog "I am closing the season with the following HIGH Risk vulnerability: Adobe Acrobat/Reader PDF documents can be used to co… more »
09/13/07
Reported Firefox 0-Day
A 0-day has been reported in Mozilla Firefox which uses Quicktime Media formats to compromise Firefox. PriveonLabs has independently verified that Firefox 2.0.0.6 is vulnerable.
It is also worth noting that the Firefox noscript extension will protect… more »
08/30/07
CSA Prevents VPN Executable Exploitation
We already know how valuable the Cisco Security Agent (CSA) is in regards to preventing Day-0 exploitation, applying PCI/SOX/HIPAA policies, and solving many other business problems but today I will briefly address how CSA is already preventing a recent… more »
06/05/07
Multiple Firefox/IE Security Vulnerabilities
Researcher Mical Zalewski has reported multiple browser vulnerabilities in various versions of FireFox and IE. Some of the reported vulnerabilities affect both browsers, others are specific only to IE or Firefox (respectively). While the impact of eac… more »
XML Feeds