Fredericton's Lowest Everyday Prices

151 Brunswick Street, Fredericton, 454 2299

yellow01_next_3.gifAccessories

yellow01_next_4.gifAdapters

yellow01_next_5.gifBarebones

yellow01_next_6.gifBlank Media
yellow01_next_7.gifCables
yellow01_next_8.gifCameras
yellow01_next_8.gifCard Readers
yellow01_next_8.gifCases
yellow01_next_8.gifClosed Circuit
yellow01_next_8.gifController Cards

yellow01_next_8.gifCPU-Processor A I
yellow01_next_8.gifDesktops
yellow01_next_8.gifElectronics
yellow01_next_8.gifExternal  Enclosure
yellow01_next_8.gifFlash Memory
yellow01_next_8.gifFloppy's
yellow01_next_8.gifHard Drives
yellow01_next_8.gifInk & Toner
yellow01_next_8.gifKeyboards/Mice
yellow01_next_8.gifMemory Products
yellow01_next_8.gifModems
yellow01_next_8.gifMonitors LCD/CRT
yellow01_next_8.gifMotherboards
yellow01_next_8.gifMultimedia
yellow01_next_8.gifNetworking
yellow01_next_8.gifNotebooks
yellow01_next_8.gifOptical Drives
yellow01_next_8.gifPoint of Sale
yellow01_next_8.gifPower Supplies
yellow01_next_8.gifPrinters
yellow01_next_8.gifScanners
yellow01_next_8.gifSoftware Products
yellow01_next_8.gifSound Cards
yellow01_next_8.gifSpeakers
yellow01_next_8.gifUSB Devices
yellow01_next_8.gifVideo Cards
yellow01_next_8.gifUsed Products

December 07, 2005

Macromedia Flash Player Vulnerability
There is a vulnerability discovered in Macromedia Flash Player 7 and earlier version, which when exploited could lead to execution of arbitrary code. One possible attack is through malicious SWF file placed on website. This could lead to unathorized software being install on your computer which could result in the loss of data or personal information.

If you have already upgraded to Flash Player 8, then you are not affected by this vulnerability. Otherwise, do upgrade as soon as possible.
Macromedia Player Download Center.

MODERATE: Sun Java JRE Sandbox Security Bypass
Description: The Sun Java Runtime Environment (JRE) enables applets on websites to run on a client's browser. The Java Security Manager controls the resources a downloaded applet can access ("sandbox" model). Multiple vulnerabilities in the Sun JRE can be exploited by a malicious applet to break out of this "sandbox", and access any local resources. As a result, if a user browses a webpage containing the malicious applet, the applet may be able to execute arbitrary commands on the client system with the privileges of the logged-on user. Note that applets are automatically downloaded and executed in typical browser configurations. The technical details about the flaws have not been publicly posted yet.

  • Status: Sun confirmed. Upgrade to SDK and JRE 1.3.1_16 , SDK and JRE 1.4.2_09 or JDK and JRE 5.0 Update 4. You can download the software from http://www.java.com/en/download/manual.jsp  or IE users http://www.java.com/en/download/windows_automatic.jsp

    		•

    HIGH: Panda Antivirus ZOO File Decompression Overflow
    Affected:Possibly all Panda anti-virus products

  • Third-party products that use Panda's anti-virus library
    Possibly all Panda anti-virus products
    Third-party products that use Panda's anti-virus library

  • Description: Panda anti-virus products are deployed on a number of desktop systems as well a email gateways. The Panda anti-virus library contains a heap-based overflow that can be triggered by a specially crafted ZOO file (See the references for zoo compression format). The overflow can be exploited to execute arbitrary code. Note that for exploiting the gateway systems no user interaction is required. The technical details required to craft an exploit have been publicly posted.

  • Status: Panda has not released any updates so far. A workaround is to disable examining .zoo files.

    		•