Multiple Vendors Vulnerable to DNS Cache Poisoning

Multiple Vendors Vulnerable to DNS Cache Poisoning
Multiple vendor DNS protocol implementations could allow a remote attacker to poison the DNS cache.  Patches that resolve the vulnerability on the DNS may be rendered ineffective if the DNS is behind a NAT device that does not randomize ports. Public exploit code was made available on July 24, 2008.  At the time of this update, neither X-Force nor IBM MSS has witness any active exploitation nor the integration of this exploit into any exploit toolkits.

Microsoft Security Bulletins for September
Have you ever used Microsoft's OneNote? I had heard of it, but I never used it until a few months ago. I love it. It is hard to even define...

Oracle WebLogic Server Apache Connector Remote Code Execution
Oracle WebLogic Server (formerly known as BEA WebLogic Server) is vulnerable to a buffer overflow, which would cause a denial of service and potentially remote code execution.

IRS Puts Taxpayer Data at Risk
It is one thing when TJ Maxx or The Gap are careless with employee or customer data. Everyone entrusted with sensitive information such as addresses, birthdates, credit card information, bank...

Norton Internet Security 2009 - Computeractive

Lumbering ox advances -- 2 - San Francisco Chronicle

Microsoft Windows MJPEG Codec Multiple Overflows
The Microsoft MJPEG codec is vulnerable to multiple stack-based buffer overflows when parsing specially crafted files. A remote attacker could overflow the buffer and execute arbitary code within the context of the user viewing the malicious file.