BugTraq Mode:
(Page 1 of 1616)  1 2 3 4 5 6 7 8 9 10 11  Next >
iTunes 12.2 and QuickTime 7.7.7 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\... 2015-07-01
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

the just released QuickTime 7.7.7 and iTunes 12.2 for Windows still
have quite some of the BLOODY beginners errors I already documented
in the past.

QuickTime 7.7.7, QuickTime.msi

unquoted pathname of executables in command line

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\QuickTime\shell

[ more ]  [ reply ]
Exploit Code for ipTIME firmwares < 9.58 (root RCE against 127 router models) 2015-07-01
Pierre Kim (pierre kim sec gmail com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Please find a text-only version below sent to security mailing-lists.

The complete version on exploits about my last advisory of ipTIME
products is posted here:

https://pierrekim.github.io/blog/2015-07-01-poc-with-RCE-against-127-ipt
ime-router-

[ more ]  [ reply ]
ESA-2015-112: EMC Isilon OneFS Command Injection Vulnerability 2015-07-01
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-112: EMC Isilon OneFS Command Injection Vulnerability

EMC Identifier: ESA-2015-112

CVE Identifier: CVE-2015-4525

Severity Rating: CVSS v2 Base Score: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)

Affected products:

? EMC Isilon OneFS 7.2.0

[ more ]  [ reply ]
Path Traversal in BlackCat CMS 2015-07-01
High-Tech Bridge Security Research (advisory htbridge ch)
Advisory ID: HTB23263
Product: BlackCat CMS
Vendor: Black Cat Development
Vulnerable Version(s): 1.1.1 and probably prior
Tested Version: 1.1.1
Advisory Publication: June 10, 2015 [without technical details]
Vendor Notification: June 10, 2015
Vendor Patch: June 24, 2015
Public Disclosure: July 1

[ more ]  [ reply ]
Blueberry Express v5.9.x - SEH Buffer Overflow Vulnerability 2015-07-01
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Blueberry Express v5.9.x - SEH Buffer Overflow Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1535

Video: http://www.vulnerability-lab.com/get_content.php?id=1537

Release Date:
=============
2015-06-29

[ more ]  [ reply ]
ESA-2015-108: EMC Documentum D2 Multiple DQL Injection Vulnerabilities 2015-07-01
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-108: EMC Documentum D2 Multiple DQL Injection Vulnerabilities

EMC Identifier: ESA-2015-108

CVE Identifier: CVE-2015-0547, CVE-2015-0548

Severity Rating: CVSSv2 Base Score: See below for CVSSv2 score for individual CVEs

Affected pro

[ more ]  [ reply ]
ESA-2015-111: EMC Documentum WebTop Client Products Multiple Vulnerabilities 2015-07-01
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-111: EMC Documentum WebTop Client Products Multiple Vulnerabilities

CVE Identifier: CVE-2015-0551, CVE-2015-4524

Severity Rating: CVSS v2 Base Score: See below for CVSSv2 scores for individual CVEs

Affected products:

? EMC Documentu

[ more ]  [ reply ]
FCS Scanner v1.0 & v1.4 - Command Inject Vulnerability 2015-07-01
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
FCS Scanner v1.0 & v1.4 - Command Inject Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1538

Release Date:
=============
2015-06-30

Vulnerability Laboratory ID (VL-ID):
================================

[ more ]  [ reply ]
Ebay Magento Bug Bounty #14 - Persistent Description Vulnerability 2015-07-01
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Ebay Magento Bug Bounty #14 - Persistent Description Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1463

EIBBP-31602

Release Date:
=============
2015-06-30

Vulnerability Laboratory ID (VL-ID):
=======

[ more ]  [ reply ]
Pinterest Bug Bounty #1 - Persistent contact_name Vulnerability 2015-07-01
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Pinterest Bug Bounty #1 - Persistent contact_name Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1431

Release Date:
=============
2015-06-30

Vulnerability Laboratory ID (VL-ID):
=======================

[ more ]  [ reply ]
Extra information for CVE-2014-4626 - EMC Documentum Content Server: authenticated user is able to elevate privileges, hijack Content Server filesystem, execute arbitrary commands by creating malicious dm_job objects 2015-07-01
andrew panfilov tel
Product: EMC Documentum Content Server
Vendor: EMC
Version: ANY
CVE: N/A
Risk: High
Status: public/not fixed

On April 2014 I discovered vulnerability in EMC Documentum Content Server
which allow authenticated user to elevate privileges, hijack Content Server
filesystem or execute arbitrary command

[ more ]  [ reply ]
APPLE-SA-2015-06-30-6 iTunes 12.2 2015-07-01
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2015-06-30-6 iTunes 12.2

iTunes 12.2 is now available and addresses the following:

WebKit
Available for: Windows 8 and Windows 7
Impact: A man-in-the-middle attack while browsing the iTunes Store
via iTunes may lead to an unexpected appli

[ more ]  [ reply ]
[SECURITY] [DSA 3298-1] jackrabbit security update 2015-06-30
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3298-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Markus Koschany
July 01, 2015

[ more ]  [ reply ]
APPLE-SA-2015-06-30-5 QuickTime 7.7.7 2015-06-30
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2015-06-30-5 QuickTime 7.7.7

QuickTime 7.7.7 is now available and addresses the following:

QT Media Foundation
Available for: Windows 7 and Windows Vista
Impact: Processing a maliciously crafted file may lead to an
unexpected application

[ more ]  [ reply ]
APPLE-SA-2015-06-30-3 Mac EFI Security Update 2015-001 2015-06-30
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2015-06-30-3 Mac EFI Security Update 2015-001

Mac EFI Security Update 2015-001 is now available and addresses the
following:

EFI
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5
Impact: A malicious application with root p

[ more ]  [ reply ]
APPLE-SA-2015-06-30-4 Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7 2015-06-30
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2015-06-30-4 Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7

Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7 are now available and
address the following:

WebKit
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
and OS X Yosemite

[ more ]  [ reply ]
APPLE-SA-2015-06-30-2 OS X Yosemite v10.10.4 and Security Update 2015-005 2015-06-30
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2015-06-30-2 OS X Yosemite v10.10.4 and Security Update
2015-005

OS X Yosemite v10.10.4 and Security Update 2015-005 are now available
and address the following:

Admin Framework
Available for: OS X Mavericks v10.9.5,
OS X Yosemite v10.10 t

[ more ]  [ reply ]
APPLE-SA-2015-06-30-1 iOS 8.4 2015-06-30
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2015-06-30-1 iOS 8.4

iOS 8.4 is now available and addresses the following:

Application Store
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious universal provisioning profile ap

[ more ]  [ reply ]
Google Chrome Address Spoofing (Request For Comment) 2015-06-30
David Leo (david leo deusen co uk)
Impact:
The "click to verify" thing is completely broken...
Anyone can be "BBB Accredited Business" etc.
You can make whitehouse.gov display "We love Islamic State" :-)

Note:
No user interaction on the fake page.

Code:
***** index.html
<script>
function next()
{
w.location.replace('http://www.ora

[ more ]  [ reply ]
CVE-2015-4674 - TimeDoctor autoupdate over plain-HTTP 2015-06-29
Fernando Muñoz (fernando null-life com)
TimeDoctor claims to be a software that helps to improve the
productivity of teams, reduce time spent on distractions [1]

Vulnerability:
TimeDoctor autoupdate feature downloads and executes files over plain
HTTP and doesn't perform any check with the files. An attacker with
MITM capabilities (i.e.,

[ more ]  [ reply ]
[SECURITY] [DSA 3297-1] unattended-upgrades security update 2015-06-29
Alessandro Ghedini (ghedo debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3297-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Alessandro Ghedini
June 29, 2015

[ more ]  [ reply ]
novius-os.5.0.1 Persistent XSS, LFI & Open Redirect Vulnerabilities 2015-06-29
apparitionsec gmail com
[+] Credits: John Page ( hyp3rlinx )

[+] Domains: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/AS-NOVIUSOS0629.txt

Vendor:
=======================
community.novius-os.org

Product:
===============================================================
novius-os.5.0

[ more ]  [ reply ]
CollabNet Subversion Edge indes local file inclusion 2015-06-28
Oliver-Tobias Ripka (otr bockcay de)
# Vuln Title: Local file inclusion in CollabNet Subversion Edge Management
# Frontend via logfile "listViewItem" parameter of the "index" action
#
# Date: 28.06.2015
# Author: otr
# Software Link: https://www.open.collab.net/downloads/svnedge
# Vendor: CollabNet
# Version: 4.0.11
# Tested on: Fedora

[ more ]  [ reply ]
CollabNet Subversion Edge missing single login restriction 2015-06-28
Oliver-Tobias Ripka (otr bockcay de)
# Vuln Title: The CollabNet Subversion Edge management missing single login
# restriction
#
# Date: 28.06.2015
# Author: otr
# Software Link: https://www.open.collab.net/downloads/svnedge
# Vendor: CollabNet
# Version: 4.0.11
# Tested on: Fedora Linux
# Type: No single login restriction
#
# Risk: Lo

[ more ]  [ reply ]
CollabNet Subversion Edge weak password storage mechanism 2015-06-28
Oliver-Tobias Ripka (otr bockcay de)
# Vuln Title: The CollabNet Subversion Edge stores passwords as unsalted MD5 hashes
# Date: 28.06.2015
# Author: otr
# Software Link: https://www.open.collab.net/downloads/svnedge
# Vendor: CollabNet
# Version: 4.0.11
# Tested on: Fedora Linux
# Type: Insecure password storage

# Risk: Medium
# Stat

[ more ]  [ reply ]
CollabNet Subversion Edge missing XSRF protection 2015-06-28
Oliver-Tobias Ripka (otr bockcay de)
# Vuln Title: The CollabNet Subversion Edge Management Frontend does not implement XSRF protection tokens
#
# Date: 28.06.2015
# Author: otr
# Software Link: https://www.open.collab.net/downloads/svnedge
# Vendor: CollabNet
# Version: 4.0.11
# Tested on: Fedora Linux
# Type: XSRF
#
# Risk: Low
# Sta

[ more ]  [ reply ]
CollabNet Subversion Edge weak password policy 2015-06-28
Oliver-Tobias Ripka (otr bockcay de)
# Vuln Title: The CollabNet Subversion Edge Management Frontend does not
# implement a strong password policy
#
# Date: 28.06.2015
# Author: otr
# Software Link: https://www.open.collab.net/downloads/svnedge
# Vendor: CollabNet
# Version: 4.0.11
# Tested on: Fedora Linux
# Type: Lack of defensive me

[ more ]  [ reply ]
CollabNet Subversion Edge autocomplete on 2015-06-28
Oliver-Tobias Ripka (otr bockcay de)
# Vuln Title: The CollabNet Subversion Edge management frontend login page
# password field has autocomplete enabled
#
# Date: 28.06.2015
# Author: otr
# Software Link: https://www.open.collab.net/downloads/svnedge
# Vendor: CollabNet
# Version: 4.0.11
# Tested on: Fedora Linux
# Type: Lack of defen

[ more ]  [ reply ]
CollabNet Subversion Edge missing clickjacking protection 2015-06-28
Oliver-Tobias Ripka (otr bockcay de)
# Vuln Title: The CollabNet Subversion Edge Management Frontend does not
# implement clickjacking protection
#
# Date: 28.06.2015
# Author: otr
# Software Link: https://www.open.collab.net/downloads/svnedge
# Vendor: CollabNet
# Version: 4.0.11
# Tested on: Fedora Linux
# Type: Clickjacking
#
# Risk

[ more ]  [ reply ]
CollabNet Subversion Edge missing brute force protection 2015-06-28
Oliver-Tobias Ripka (otr bockcay de)
# Vuln Title: The CollabNet Subversion Edge does not protect against brute
# forcing accounts
#
# Date: 28.06.2015
# Author: otr
# Software Link: https://www.open.collab.net/downloads/svnedge
# Vendor: CollabNet
# Version: 4.0.11
# Tested on: Fedora Linux
# Type: Lack of defensive measures
#
# Risk:

[ more ]  [ reply ]
(Page 1 of 1616)  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus