Security Issues with Dynamic Loading

Similar Messages

• Using latest version of fireFox to access Think Central, pages will not load and they say that this is a security issue with FireFox?

  Teachers in our district are supposed to use www.thinkcentral.com with FireFox.
  Some have no problem accessing the lesson plans.
  Most when they login click on a lesson plan and an icon shows up that says loading but never does.
  If you reboot the computer and login you can open a page once but not a second time and no other lessons will open.
  Think Central support says this is a security issue with Firefox.
  I have updated FireFox, all the Adobe, Reader, Flash, Air and Shockwave. As well as Java.
  I have allowed the pop ups to the think Central web site.
  Any help would be appreciated

  Are there any notification icons on the left end of the address bar? If so, please click them to see whether they related to security issues (such as blocked content - shield icon: [[How does content that isn't secure affect my safety?]]) or a plugin requiring permission (Lego-like icon).
  Does Think Central have any help pages about this issue? Without an account, it is difficult to explore the issue first-hand.

• Security Issues with 8.1 Pro

  I have had several security issues with Windows 8.1 Pro.
  I am curious if the following apps should be loaded by default:
  CheckPoint.VPN
  JuniperNetworks.JunosPulseVpn
  SonicWALL.MobileConnect
  F.vpn.client
  These programs are installed on a fresh install of Windows 8.1 Pro but I do not think they should be.  They are present prior to the install of any 3rd party programs or apps.
  Thanks

  I found them in my firewall list on my Windows 8.1 Pro installation and posted a question on a forum as well, though I don't think it was here.  I don't believe anyone ever answered.
  It looks as though these are parts of the bundled virtual private networking clients.
  Note, for example, the "distributed by Microsoft as part of Windows 8.1" wording on this page:
  http://www.sonicwall.com/app/projects/file_downloader/document_lib.php?t=PG&id=605
  -Noel
  Detailed how-to in my eBooks:  
  Configure The Windows 7 "To Work" Options
  Configure The Windows 8 "To Work" Options

• Issue with site load time when exported as HTML. Addressed?

  Has the issue with website load time been addressed?
  I believe the site attempts to load the entire image content at the initial visit - meaning any galleries with numerous pictures are all included when first getting to the site. This is causing a HUGE increase in load time. I was told when I last brought it up that it was an apparent issue that needed to be addressed.
  Any type of resolution coming?
  Site for reference: www.dkrecollection.com

  Major updates of Muse are targeted to release roughly every quarter. The 1.0 release was in mid-May. The 2.0 release was in mid-August. A fundamental change to image loading would only appear as part of a major update due to the engineering and testing efforts required.
  As provided in your previous thread http://forums.adobe.com/message/4659347#4659347 the only workaround until then is to reduce the number of images in the slideshow.

• Severe Security Issue with Sharing Permissions and Windows

  I recently discovered a severe Security issue with the windows sharing an permission settings:
  I have two users, an admin user and a parental controlled user. On my mac mini, i have a external harddrive connected. On the harddrive, i have three folders, Itunes, Iphoto (Package) and a Temp Folder. I want to share the Harddrive RW for the admin, but only R for the parental user. But the Temp folder should be accessible for RW for the parental as well.
  1. I set the Drive checkbox "ignore ownership" off.
  2. I set the permissions of the drive to admin RW, parental R and Everyone to "no access"
  3. I apply to enclosed Items
  4. I set the permission of the Temp folder to admin RW, parental RW and Everyone to "no access"
  5. I apply to enclosed Items
  6. I go to "File Sharing" in the Preferences and activate SMB sharing for both users
  7. I delete all previous shares
  8. I add the Disk and use the proposed permissions which are admin RW, parental R, Everyone "no access"
  9. I add the Temp folder and use the proposed permissions which are admin RW, parental RW, Everyone "no access" - Funny, there is a new Group called "Temp" created which has custom access on both sharepoints
  10. I connect to the mac over a Windows machine (NTLM auth set appropriatly). Now I try to create a folder on the root of the Disk share, I get a denied message.
  BUT WHEN I GO INTO A SUBFOLDER (eg. ITUNES or IPHOTO), WHICH HAS ALSO JUST "R" PERMISSION FOR THE PARENTAL USER, I AM ABLE TO RW, DELETE AND DO EVERYTHING!!!
  TO RECAPITULATE: THE SHARING PERMISSIONS ARE "R", AND THE FILE PERMISSIONS IN THE RESPECTIVE FOLDERS FOR THE RESPECTIVE USER ARE ALSO JUST "R". BUT THE USER CAN DO EVERYTHING IN THE SUBFOLDERS!!!

  I recently discovered a severe Security issue with the windows sharing an permission settings:
  I have two users, an admin user and a parental controlled user. On my mac mini, i have a external harddrive connected. On the harddrive, i have three folders, Itunes, Iphoto (Package) and a Temp Folder. I want to share the Harddrive RW for the admin, but only R for the parental user. But the Temp folder should be accessible for RW for the parental as well.
  1. I set the Drive checkbox "ignore ownership" off.
  2. I set the permissions of the drive to admin RW, parental R and Everyone to "no access"
  3. I apply to enclosed Items
  4. I set the permission of the Temp folder to admin RW, parental RW and Everyone to "no access"
  5. I apply to enclosed Items
  6. I go to "File Sharing" in the Preferences and activate SMB sharing for both users
  7. I delete all previous shares
  8. I add the Disk and use the proposed permissions which are admin RW, parental R, Everyone "no access"
  9. I add the Temp folder and use the proposed permissions which are admin RW, parental RW, Everyone "no access" - Funny, there is a new Group called "Temp" created which has custom access on both sharepoints
  10. I connect to the mac over a Windows machine (NTLM auth set appropriatly). Now I try to create a folder on the root of the Disk share, I get a denied message.
  BUT WHEN I GO INTO A SUBFOLDER (eg. ITUNES or IPHOTO), WHICH HAS ALSO JUST "R" PERMISSION FOR THE PARENTAL USER, I AM ABLE TO RW, DELETE AND DO EVERYTHING!!!
  TO RECAPITULATE: THE SHARING PERMISSIONS ARE "R", AND THE FILE PERMISSIONS IN THE RESPECTIVE FOLDERS FOR THE RESPECTIVE USER ARE ALSO JUST "R". BUT THE USER CAN DO EVERYTHING IN THE SUBFOLDERS!!!

• Any security issues with My MSN or outlook bookmarks

  any security issues with My Msn and Outlook as bookmarks

  Your question is not quite clear, and no Mac can iOS, but anything and everything made by or for Microsoft carries a security risk.
  Which is why most sensible people run Apple OS X.

• Security issues with Lion

  Anyone know what the real deal is with OS X Lion security.  I've heard lots of things about how the recent Blackhat conference in Las Vegas said that Apple's security was not as good as Windows 7's.  Anyone know anything about this?  Thanks in advance for any feedback or input.

  JB2909 wrote:
  I've downloaded Java for OS X Lion 2012-001 to fix the security issues with Java but when I open it to install it gives me an error message saying don't open it as it has a disk image issue (?) and may make my computer less secure or cause other issues? I don't understand why it would cause security risks when it is supposed to be a patch to fix them?!  Is it safe to go ahead and open/install?
  Could that be why Apple has released Java for OS X Lion 2012-002 here: http://support.apple.com/kb/DL1515 ?

• Security issues with connecting pdf to database

  I have a pdf form that is being called from a webform as part
  of a web application. The PDF has two dropdown lists that I was
  populating from a SQL Server Database. I had created a special user
  that had select access only to the tables for the dropdowns.
  My question is are there any known security issues with
  regard to allowing a pdf to connect to a database this way. The PDF
  is being called from a secure connection but I don't know if
  opening this database connection to populate these dropdowns
  exposes a security hole of any sort. If it does, do you have a
  solution to make this secure? I am asking because another developer
  on the project brought up the issue of this design creating a
  security risk and I haven't been able to find anything online
  discussing it either way.
  Thanks!
  Maureen

  Hello Maureen,
  Thanks for posting, but I'm not sure I see if your question
  relates to Acrobat.com
  Are you using any of the Acrobat.com Services as any part of
  your workflow?
  Thanks!
  Pete

• Privacy/Security Issue with Adobe Flash 10

  Not sure if anyone has noticed this or not, but there is a
  bizarre (if minor) privacy/security issue with Adobe Flash Player
  10. I came across it while attempting to upload a file to Flickr.
  Previous versions of AFP do not exhibit this problem.
  Specifics: using Firefox 3.x, Vista.
  The problem: When Flickr calls the "open file" dialogue in
  Flash 10 (in order to upload files) via the "Upload Photos and
  Videos" link, at the bottom of the dialogue, to the right of the
  "File Name" box, sits a common UI element that brings up a dropdown
  menu of what appear to be (or at least are supposed to be) recently
  viewed or downloaded or accessed files. Actually I'm not sure how
  Flash 10 compiles or accesses this list of files, but at any rate,
  a list of files come up.
  The problem is that, as far as I can tell, the list of files
  that come up reference a long list of files, some that are very old
  and that no longer exist, and that there is no way that I can find
  to clear the list. This is a minor security/privacy issue, as
  generally there should be a way to prevent a dialogue from
  displaying a long list of past-accessed files by clearing a cache
  somewhere or other -- imagine if it was impossible to clear the
  history of a web browser, for example -- this would be considered a
  pretty significant privacy issue. I have tried everything from
  flushing the browser cache to uninstalling and reinstalling the
  browser to uninstalling and reinstalling Adobe Flash to using the
  Flash Settings Manager to clear out the Flash saved sites to
  turning off Vista indexing to clearing out Vista's Recent Items
  list. None of these actions did anything to clear out this list of
  files. I can find no references to these files anywhere when I use
  Vista Search (with unindexed and system files searched as well),
  and I can find no reference to the files anywhere in the registry
  (I checked just in case Flash 10 was storing this index in some
  really bizarre place.) I've linked to a screenshot below of what
  I'm talking about -- most of the files listed below were deleted a
  long, long time ago, and so I have no idea why this dialogue refers
  to them.
  Screenshot
  Is there a simple work-around for this that I'm unaware of?
  Even if there is, there needs to be some more obvious way to clear
  out this list. Where is this information being stored, and what
  criteria does this list use to "put a file on the list"?

  Thanks for putting me on the right scent. That's what I'd
  originally thought, too -- it's just that the file-> open dialog
  was giving an entirely different list of files with other
  applications, so I assumed that it must be Flash that was the
  culprit. Turns out the reason it was different with Flickr was
  because it was restricting the file results via a long string of
  video and picture filetypes that are compatible with the Flickr
  service.
  It turns out the information I'm looking for is buried deep
  within the registry. The only way to clear out this list of files
  is to delete the following key (or specific subkeys):
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidl MRU
  Seems more than a little stupid to store such information in
  the registry if security is your concern. Vista beguiles me
  sometimes.

• Issue with Dynamic Link with Premiere CC and After Effects

  I'm having a strange and annoying issue with Dynamic linked clips in Premiere CC:
  When I render or export my timeline the progress will stall when it hits a dynamic linked clip.  It will stay stalled until I click the After Effects application and make it the active window.  Once that happens the render/export resumes at normal speed. 
  This is annoying as I can't start a render and walk away or work on different windows, I have to babysit all the renders to make sure they go through.
  Has anybody experienced this and know of any solutions? 
  I'm running the latest version of Premiere (7.2.1) and After Effects 12.2.0.52 on Mavericks 10.9.1 with a GTX 770 Video Card.

  Does it still pause if AE is closed completely? I often experience slower AME renders from Premiere over dynamic link material when AE is open. Closing AE speeds things up. Go figure.

• Are there any security issues with Quicktime player on macbook

  Are there any security issues with Quick Time Player on macbook pro? 2010 model running Yosemite recently upgraded. Thanks!

  No.

• HT201178 Are there security issues with pairing keyboards with certain passkeys?

  Are there security issues with pairing keyboards with certain passkeys?

  Hello, some info on that...
  http://x704.net/bbs/viewtopic.php?f=29&t=6059&p=73599&hilit=bluetooth#p73599

• Security issue with unlocking my iPhone 4?

  I'm not sure if anyone here will be able to help me but I am trying to get my iPhone unlocked with AT&T. I bought my iPhone on contract through AT&T in December 2010. My account is in good standing. I paid my ETF, it's technically eligible to be unlocked. I called AT&T on April 9th for an unlock and it's now April 19th and still no wordd from them. I've called several times and they won't tell me what's going on other than that "there is a security issue with unlocking my iPhone and the issue is with Apple, but they are working on it." From my understanding, all AT&T needs is the unlock code to enter into the system and unlock it from there. I don't know what security issues could possibly exist that would create a problem. The only thing I can think of is that when I orginally bought my iPhone it turned out to be a lemon and had to get it replaced the day after I bought it. I did this through an Apple store since it was around Christmas. The IMEI number on my phone doesn't match the one AT&T has on file, but that shouldn't matter? I gave them the right IMEI number that is on my current phone. Does anyone know what "security issues" can exist when it comes to unlocking an iPhone 4?

  Don't stress over the words used by the customer service people at AT&T. Half of them don't know what they're talking about more than half the time.  You are probably correct in that it has something to do with their database being inaccurate. 
  Give it a few days, then contact them again and ask for it to be escalated.
  Ignor rNair. The idea that Apple made it mandatory for AT&T to do anything is complete and total bunk. (S)He has no idea what (s)he's talking about

• Xcelsius Engage: Issue with dynamic visibilty of data in dashboard

  Hi,
  We have a requirement for a dashboard where data for 5 Sites need to be displayed as per 17 KPIs and 12 different rolling months.
  Raw sample data looks like below-
  SITE  KPI        ActYTD  Act(Pre Month) PlanYTD  Plan(Prev Month)  VarianceYTD Variance(Pre Month)
  A       On-Time   76.7         82.92                  111.50       109.50             -1                    -1
  B       Delay       73.70       80.00                   79.75        77.75             -1                     1
  There are 5 different Sites and 17 different KPIs.
  Based on the raw data that we get from BI (7.0 query output), we manipulate it in MS excel, using some lookups and formulae to obtain certain values, store them in designated sheets and then Xcelsius (different components) use these sheets as source.
  We are having three levels of navigation-
  1. Main screen listing all KPIs site wise and months ( the site and months could be selected from Combo boxes at the top). The KPIs are bind to a list view, each row is a selectable KPI leading to level two navigation.
  2. Level two contains the details for each KPI ( values and trend chart). Selection in the chart for a Site leads to level 3 navigation.
  3. Level 3 screen contains data by KPI and by Site for 12 rolling months ( The sites could be changed from a drop-down).
  There are custom navigation buttons (home/back) to enable navigations between the screens.
  We are using 3 panel containers, 2 list views, 4-5 combo boxes and some hidden button ( with dynamic visibilty).
  The workbook has 8-9 different sheets, though the Xcelsius componets are bound to only 3 sheets.
  Things work fine till we select 14th KPI , but Xcelsius starts behaving awkwardly when we select 15th KPI and further.For the selected KPI, the level two screen would load for a flash of a second and then the control comes back to level 1 screen. We do not face this issue till 14th KPI.
  In-order to eliminate possibiltes we did the following-
  1. Changed the order of KPIs - issue persists
  2. Changed the Excel option " Max. no of Rows" to 4000- issue persists
  3. Decreased the amount of data to be loaded - issue persists ( though at max we are loading data for 2000 rows)
  4. Decreased the no. of KPIs to 14 in level 1 list view - all works fine.
  We have not noticed any gradual decrease in performance/load time till 14th KPI but everything goes for a toss when the 15th KPI is displayed.
  We are on the latest Xcelsius patch ( patch 3).
  We would appreciate any pointers/help to resolve this issue.
  Thanks in advance for your time.
  Best Regards,
  Bansi.

  How many total rows are you dealing with in your spreadsheet?
  -Dell

• Performance issues with class loader on Windows server

  We are observing some performance issues in our application. We are Using weblogic 11g with Java6 on a windows 2003 server
  The thread dumps indicate many threads are waiting in queue for the native file methods:
  "[ACTIVE] ExecuteThread: '106' for queue: 'weblogic.kernel.Default (self-tuning)'" RUNNABLE
       java.io.WinNTFileSystem.getBooleanAttributes(Native Method)
       java.io.File.exists(Unknown Source)
       weblogic.utils.classloaders.ClasspathClassFinder.getFileSource(ClasspathClassFinder.java:398)
       weblogic.utils.classloaders.ClasspathClassFinder.getSourcesInternal(ClasspathClassFinder.java:347)
       weblogic.utils.classloaders.ClasspathClassFinder.getSource(ClasspathClassFinder.java:316)
       weblogic.application.io.ManifestFinder.getSource(ManifestFinder.java:75)
       weblogic.utils.classloaders.MultiClassFinder.getSource(MultiClassFinder.java:67)
       weblogic.application.utils.CompositeWebAppFinder.getSource(CompositeWebAppFinder.java:71)
       weblogic.utils.classloaders.MultiClassFinder.getSource(MultiClassFinder.java:67)
       weblogic.utils.classloaders.MultiClassFinder.getSource(MultiClassFinder.java:67)
       weblogic.utils.classloaders.CodeGenClassFinder.getSource(CodeGenClassFinder.java:33)
       weblogic.utils.classloaders.GenericClassLoader.findResource(GenericClassLoader.java:210)
       weblogic.utils.classloaders.GenericClassLoader.getResourceInternal(GenericClassLoader.java:160)
       weblogic.utils.classloaders.GenericClassLoader.getResource(GenericClassLoader.java:182)
       java.lang.ClassLoader.getResourceAsStream(Unknown Source)
       javax.xml.parsers.SecuritySupport$4.run(Unknown Source)
       java.security.AccessController.doPrivileged(Native Method)
       javax.xml.parsers.SecuritySupport.getResourceAsStream(Unknown Source)
       javax.xml.parsers.FactoryFinder.findJarServiceProvider(Unknown Source)
       javax.xml.parsers.FactoryFinder.find(Unknown Source)
       javax.xml.parsers.DocumentBuilderFactory.newInstance(Unknown Source)
       org.ajax4jsf.context.ResponseWriterContentHandler.<init>(ResponseWriterContentHandler.java:48)
       org.ajax4jsf.context.ViewResources$HeadResponseWriter.<init>(ViewResources.java:259)
       org.ajax4jsf.context.ViewResources.processHeadResources(ViewResources.java:445)
       org.ajax4jsf.application.AjaxViewHandler.renderView(AjaxViewHandler.java:193)
       org.apache.myfaces.lifecycle.RenderResponseExecutor.execute(RenderResponseExecutor.java:41)
       org.apache.myfaces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:140)
  On googling this seems to be an issue with java file handling on windows servers and I couldn't find a solution yet. Any recommendation or pointer is appreciated

  Hi shubhu,
  I just analyzed your partial Thread Dump data, the problem is that the ajax4jsf framework ResponseWriterContentHandler triggers internally a new instance of the DocumentBuilderFactory; every time; triggering heavy IO contention because of Class loader / JAR file search operations.
  Too many of these IO operations under heavy load will create excessive contention and severe performance degradation; regardless of the OS you are running your JVM on.
  Please review the link below and see if this is related to your problem.. This is a known issue in JBOSS JIRA when using RichFaces / ajaxJSF.
  https://issues.jboss.org/browse/JBPAPP-6166
  Regards,
  P-H
  http://javaeesupportpatterns.blogspot.com/