Jason Meserve provides up-to-the-minute news on vendor security alerts and fixes.
Oracle issues warning over dangerous WebLogic flaw
Oracle is scrambling to create an emergency patch for a severe vulnerability in the company's WebLogic server, as exploit
code is circulating on the Web. The problem lies in the Apache plug-in for the Oracle WebLogic Server and Express products
(formerly known as BEA WebLogic), both application servers. IDG News Service, 07/29/2008.
Oracle advisory
**********
RealNetworks patches four critical bugs in multimedia player
RealNetworks has issued four critical patches for several versions of its RealPlayer running on Windows, Linux and Apple's
Mac OS X. The flaws could allow a hacker to run malicious code on a PC or cause the computer to reveal information, according
to an advisory from Secunia, a security vendor based in Denmark. IDG News Service, 07/28/2008.
Real's advisory
**********
VMware patches ESX service console packages for Samba and vmnix
A number of flaws in VMware's ESX service console packages for Samba and vmnix have been patched by the vendor. No word on
how the flaws could be exploited, but users should download and install the patch as quickly as possible.
**********
Four new patches from rPath:
tshark/wireshark (denial of service)
httpd mod_ssl (cross scripting, denial of service)
fetchmail (denial of service)
**********
Four new updates from Ubuntu:
ffmpeg (file handling, code execution)
Firefox (multiple flaws)
**********
Four new fixes from Mandriva:
ffmpeg (file handling, code execution)
Thunderbird (multiple flaws)
**********
Two new patches from Debian:
python 2.5 (multiple flaws)
**********
Today's malware news
Exploit reveals the darker side of automatic updates
A new exploit called Evilgrade can take advantage of automatic updaters to install malicious code on unsuspecting systems,
and your computers could be more vulnerable than you think. Computerworld, 07/30/2008.
Fake Jetblue eTickets
The most common way a user gets infected these days is through drive-by downloads and while the prevalence of malicious email
attachments definitely has gone down we still see them on a daily basis. Like today when we saw a large spam run sending out
fake JetBlue etickets. F-Secure, 07/30/2008.
Jason Meserve is multimedia editor at Network World.