The Netscape Navigator browser, after years of lagging behind competitor Internet Explorer and siblings Mozilla and Firefox, will fade into history on Feb. 1. Parent company AOL will cease production on all Netscape-branded projects Friday, though the Netscape.com website will continue to exist as a web portal.

Read More…
Source: Wired News

Chilkat FTP ‘ChilkatCert.dll’ ActiveX Control Insecure Method Vulnerability

Read More…
Source: Security Focus

Flawed ActiveX controls used to upload photos on the popular social networking sites Facebook and MySpace can be used by hackers to snatch control of Windows PCs, according to security researchers.

Read More…
Source: Computerworld News

Safari AutoFill for iPhone and iPod Touch (Switchers’ Blog)
Babies, iPhones and very-high-security passwords can be a bitter cocktail; it’s really hard to enter a 28-character/mixed-case/special character password on the iPhone while you’re holding 15 lbs. of undulating infant. Trust me.
So, if you caught video of my recent interview with Agile Web Solutions’ Dave Teare, you could see how excited I was to learn about a then-upcoming beta which would support autofill name- and password-entering via secure bookmarklets on your iPhone. Well, the day has arrived, and, brother, am I ever loving this.
click to view larger
From Dave’s post on the company’s blog:
Every iPhone and iPod Touch user has cringed when they realized that Mobile Safari does not remember web site logins. Coupled with the fact Copy and Paste is nonexistent on the iPhone, users were forced to type their login information every time they wanted to access any password protected site…
After browsing to a password protected website that requires you to login, simply bring up the Bookmarks menu and select “1Password Logins” to bring up the 1Password AutoFill window…
All the confidential information stored within the bookmarklet is encrypted using Strong Cryptography (448-bit Blowfish encryption) and can only be accessed once the correct Access Code is entered. The confidential information is decrypted within Safari on the iPhone and no communication with the 1Password web servers is required.
Dave tells me via email that the hosting service he’d mentioned in our interview is still being planned, but, personally I’m thrilled that this “just works” out of the box as well as it does from this first cut. I have seen a few problems in 1P seeming not to remember a login associated with a site, but more often than not, it’s been just spot-on — even when entered with my one, daughter-free hand.
Anyhow, check ‘er out. 1Password is shareware ($29.95) and a free download. The updated functionality appears to start with version 2.5.10 (build 6102).
One of my favorite Mac apps just made life a lot easier for iPhone users.

Read More…
Source: 43 Folders

Facebook Photo Uploader 4 ‘ImageUploader4.1.ocx’ ActiveX Control Buffer Overflow Vulnerability

Read More…
Source: Security Focus

MySpace Uploader ‘MySpaceUploader.ocx’ ActiveX Control Buffer Overflow Vulnerability

Read More…
Source: Security Focus

Who: MySpace What: MySpace repackages Aurigma’s ImageUploader ActiveX. This control enables MySpace users to upload images to their MySpace page(s). How: MySpaceUploader.ocx version 1.0.0.4 {48DD0448-9209-4F81-9F6D-D83562940134} This control is vulnerable to a buffer overflow in the Action property. I believe FaceBook also uses/repackages the Aurigma control, I …

Read More…
Source: Full Disclosure

Mozilla Corp. bumped up the threat ranking for an unpatched Firefox bug to ‘high’ Tuesday, but promised a fix is coming in Version 2.0.0.12, now slated for release on Feb. 5. …continue reading ‘Mozilla ups Firefox bug threat, slates fix for Feb. 5′

Read More…
Source: IT World

An ActiveX control in Namo Web Editor is prone to a vulnerability that allows attackers to execute arbitrary commands in
the context of the application using the ActiveX control (typically Internet Explorer). The risk is MEDIUM. Allows attackers to
execute arbitrary commands in the context of the application using the ActiveX control.

Read More…
Source: CIAC

New update for the Firefox browser could be pushed out soon.

Read More…
Source: CNET News.com - Security