Security Alerts & News
by Tymoteusz A. Góral

History
#1194 Flaws in Oracle file processing SDKs affect major third-party products
Seventeen high-risk vulnerabilities out of the 276 flaws fixed by Oracle Tuesday affect products from third-party software vendors, including Microsoft.

The vulnerabilities were found by researchers from Cisco's Talos team and are located in the Oracle Outside In Technology (OIT), a collection of software development kits (SDKs) that can be used to extract, normalize, scrub, convert and view some 600 unstructured file formats.

These SDKs, which are part of the Oracle Fusion Middleware, are licensed to other software developers who then use them in their own products. Such products include Microsoft Exchange, Novell Groupwise, IBM WebSphere Portal, Google Search Appliance, Avira AntiVir for Exchange, Raytheon SureView, Guidance Encase and Veritas Enterprise Vault.
Read more
#1197 Ransomware gang claims Fortune 500 company hired them to hack the competition
#1196 PayPal fixes CSRF vulnerability in PayPal.me
#1195 PowerWare ransomware masquerades as Locky to intimidate victims
#1194 Flaws in Oracle file processing SDKs affect major third-party products
#1193 Canadian man behind popular ‘Orcus RAT’
#1192 Google fixes 48 bugs, sandbox escape, in Chrome
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12