Thread: Top IT Security Vulnerabilities
View Single Post
Old 11-03-2012, 11:25 AM   #1
Mike F
Franchise Player
 
Mike F's Avatar
 
Join Date: Jul 2003
Location: Djibouti
Exp:
Default Top IT Security Vulnerabilities
Admittedly this is barely thread worthy, but I did find the new report by Kaspersky of the Top 10 Security Vulnerabilities very surprising for who was on and who was absent:
  1. Oracle Java Multiple Vulnerabilities: DoS-attack (Gain access to a system and execute arbitrary code with local user privileges) and Cross-Site Scripting (Gain access to sensitive data). Highly Critical
  2. Oracle Java Three Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Extremely Critical
  3. Adobe Flash Player Multiple Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Gain access to sensitive data. Highly Critical.
  4. Adobe Flash Player Multiple Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Bypass security systems. Highly Critical.
  5. Adobe Reader/Acrobat Multiple Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Extremely Critical.
  6. Apple QuickTime Multiple Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Highly Critical.
  7. Apple iTunes Multiple Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Highly Critical.
  8. Winamp AVI / IT File Processing Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Highly Critical.
  9. Adobe Shockwave Player Multiple Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Highly Critical.
  10. Adobe Flash Player Multiple Vulnerabilities: Gain access to a system and execute arbitrary code with local user privileges. Bypass security systems. Gain access to sensitive data. Extremely Critical.

I had no idea Adobe products were so vulnerable, and was surprised to see 2 Apple products and no Microsoft products on the list given the common conception about the two companies.
Mike F is offline   Reply With Quote