Skip to content

Gotham Security Daily Threat Alerts

by on July 15, 2015

July 14, Threatpost – (International) Flash Player update patches two Hacking Team zero days. Adobe released patches addressing two critical use-after-free vulnerabilities in ActionScript 3 revealed in data dumped from a recent breach of the Italian surveillance software company Hacking Team. Both flaws allowed an attacker to use a Web site hosting the exploit to completely take over an affected system. Source

July 13, Threatpost – (International) Kaseya patches two bugs in VSA IT management platform. Kaseya patched two flaws in its VSA IT management platform, including open redirect vulnerability in which an unauthenticated attacker could redirect users to sites with malicious content, and a path traversal bug in which an authenticated attacker could use a specially crafted Hyptertext Transfer Protocol (HTTP) request to traverse directories and download arbitrary files. Source

From → Security

Comments are closed.

%d bloggers like this: