In this age of modern technology, new and improved software/applications and operating systems (OS) based on new technology has been evolved. These new software/applications may have loopholes or vulnerability which can be harmful for our computer system.
The US-CERT Cyber Security Bulletin provides a summary of latest vulnerabilities that have been recorded by its research department for the Week of December 8, 2014
The National Institute of Standards and Technology (NIST) have found vulnerabilities that can make a system prone to malware attacks and unauthorized access.
Common vulnerabilities and their impact recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week are:
- Adobe Flash Player vulnerability before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows remote attackers to bypass the Same Origin Policy via unspecified vectors. Find out other vulnerable versions from here: https://1.usa.gov/1sz8K1V
- Integer overflow vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Find out the other vulnerable versions from here: https://1.usa.gov/1vV7AZ3
- Vulnerability in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted section group headers in an ELF file. Find out other vulnerable versions from here: https://1.usa.gov/1uN3d1X
- Microsoft Internet Explorer 11 vulnerability allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malicious website.Find out other vulnerable versions from here: https://1.usa.gov/1DFPhkx
- Use-after-free vulnerability in Microsoft Office 2010 SP2, Office 2013 Gold and SP1, allows remote attackers to execute malicious code through an infected office document. Find out other vulnerable versions and its details from here: https://1.usa.gov/1yV4XZj
- WebKit vulnerability in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows hackers to execute malicious code or cause a denial of service (memory corruption and application crash) via an infected website. Find out other vulnerable versions from here: https://1.usa.gov/1yV5oTp
There are many such vulnerable software ranked in the division of high, medium, and low severities.
To know more about these vulnerable software and the affected versions read the US-CERT Cyber Security Bulletin from here: https://1.usa.gov/1A3fqpt