IBM report: Internet threats arise before flaws corrected - Poughkeepsie Journal

IBM report: Internet threats arise before flaws corrected - Poughkeepsie Journal

On your marks, get set, go. Spam, Phishing and malware could reach ... - CIO Australia

Seattle security expert helped uncover major design flaw on Internet - Seattle Post Intelligencer

Multiple Vendors Vulnerable to DNS Cache Poisoning
Multiple vendor DNS protocol implementations could allow a remote attacker to poison the DNS cache.  Patches that resolve the vulnerability on the DNS may be rendered ineffective if the DNS is behind a NAT device that does not randomize ports. Public exploit code was made available on July 24, 2008.  At the time of this update, neither X-Force nor IBM MSS has witness any active exploitation nor the integration of this exploit into any exploit toolkits.

Microsoft Dynamics GP Multiple (4) Buffer Overflows
The Microsoft Dynamics GP is vulnerable to four heap and stack-based buffer overflows. A remote attacker could overflow the buffer and execute arbitrary code or gain control of the affected system by sending malicious queries to the Distributed Process Server or Distributed Process Manager.

Security Expert Finds A Wrench In The Internet - NPR

Microsoft Windows MJPEG Codec Multiple Overflows
The Microsoft MJPEG codec is vulnerable to multiple stack-based buffer overflows when parsing specially crafted files. A remote attacker could overflow the buffer and execute arbitary code within the context of the user viewing the malicious file.

Microsoft ActiveX Snapshot Viewer for Microsoft Access RCE
Microsoft ActiveX Snapshot Viewer for Microsoft Access could allow a remote attacker to execute arbitrary code on the system.  Targeted exploitation was reported on July 7, but X-Force has been monitoring toolkit-related mass exploitation since July 10.  As of July 24, exploitation has continued to escalate.  See technical description for more details.