BugTraq Mode:
(Page 11 of 1655)  < Prev  6 7 8 9 10 11 12 13 14 15 16  Next >
[SECURITY] [DSA 3427-1] blueman security update 2015-12-18
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3427-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
December 18, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3428-1] tomcat8 security update 2015-12-18
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3428-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
December 18, 2015

[ more ]  [ reply ]
KL-001-2015-008 : Dell Pre-Boot Authentication Driver Uncontrolled Write to Arbitrary Address 2015-12-18
KoreLogic Disclosures (disclosures korelogic com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

KL-001-2015-008 : Dell Pre-Boot Authentication Driver Uncontrolled Write to Arbitrary Address

Title: Dell Pre-Boot Authentication Driver Uncontrolled Write to Arbitrary Address
Advisory ID: KL-001-2015-008
Publication Date: 2015.12.18
Publication URL

[ more ]  [ reply ]
[slackware-security] grub (SSA:2015-351-01) 2015-12-18
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] grub (SSA:2015-351-01)

New grub packages are available for Slackware 14.1 and -current to
fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/grub-2.00-i48

[ more ]  [ reply ]
[slackware-security] libpng (SSA:2015-351-02) 2015-12-18
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] libpng (SSA:2015-351-02)

New libpng packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+

[ more ]  [ reply ]
Executable uninstallers are vulnerable^WEVIL (case 12): Avira Registry Cleaner allows arbitrary code execution with escalation of privilege 2015-12-18
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

avira_registry_cleaner_en.exe, available from
<https://www.avira.com/en/download/product/avira-registry-cleaner>
to clean up remnants the uninstallers of their snakeoil products
fail to remove, is vulnerable: it loads and executes WTSAPI32.dll,
UXTheme.dll and RichEd20.dll from its applicat

[ more ]  [ reply ]
[SECURITY] [DSA 3426-1] linux security update 2015-12-17
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3426-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
December 17, 2015

[ more ]  [ reply ]
ESA-2015-148: EMC Isilon OneFS Security Privilege Escalation Vulnerability 2015-12-17
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2015-148: EMC Isilon OneFS Security Privilege Escalation Vulnerability

EMC Identifier: ESA-2015-148

CVE Identifier: CVE-2015-4545

Severity Rating: CVSS v2 Base Score: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)

Affected products:

? EMC Isilon

[ more ]  [ reply ]
[oCERT 2015-011] PyAMF input sanitization errors (XXE) 2015-12-17
Daniele Bianco (danbia ocert org)

#2015-011 PyAMF input sanitization errors (XXE)

Description:

PyAMF is a Python module that implements the Action Message Format (AMF)
protocol, allowing Flash interoperation with various web frameworks.

PyAMF suffers from insufficient AMF input payload sanitization which
results in the XML parse

[ more ]  [ reply ]
[SECURITY] [DSA 3425-1] tryton-server security update 2015-12-17
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3425-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Luciano Bello
December 17, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3425-1] tryton-server security update 2015-12-17
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3425-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Luciano Bello
December 17, 2015

[ more ]  [ reply ]
CVE-2015-5348 - Apache Camel medium disclosure vulnerability 2015-12-17
Claus Ibsen (claus ibsen gmail com)
Apache Camel's Jetty/Servlet usage is vulnerable to Java object
de-serialisation vulnerability

If using camel-jetty, or camel-servlet as a consumer in Camel routes,
then Camel will automatic de-serialize HTTP requests that uses the
content-header: application/x-java-serialized-object.

Please study

[ more ]  [ reply ]
[SECURITY] [DSA 3337-2] gdk-pixbuf security update 2015-12-17
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3337-2 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
December 17, 2015

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2015-349-03) 2015-12-16
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2015-349-03)

New mozilla-firefox packages are available for Slackware 14.1 and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/p

[ more ]  [ reply ]
[SECURITY] [DSA 3424-1] subversion security update 2015-12-16
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3424-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
December 16, 2015

[ more ]  [ reply ]
[security bulletin] HPSBHF03528 rev.1 - HP Network Products running VCX, Remote Unauthorized Modification 2015-12-16
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c04923929

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04923929
Version: 1

HPSBHF03528 r

[ more ]  [ reply ]
[SECURITY] [DSA 3423-1] cacti security update 2015-12-16
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3423-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Luciano Bello
December 16, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3421-1] grub2 security update 2015-12-16
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3421-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Luciano Bello
December 16, 2015

[ more ]  [ reply ]
[SECURITY] [DSA 3422-1] iceweasel security update 2015-12-16
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3422-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
December 16, 2015

[ more ]  [ reply ]
Shutdown UX DLL side loading vulnerability 2015-12-16
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Shutdown UX DLL side loading vulnerability
------------------------------------------------------------------------

Yorick Koster, November 2015

------------------------------------------------------------------------

Abstract

[ more ]  [ reply ]
Shockwave Flash Object DLL side loading vulnerability 2015-12-16
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Shockwave Flash Object DLL side loading vulnerability
------------------------------------------------------------------------

Yorick Koster, August 2015

------------------------------------------------------------------------

[ more ]  [ reply ]
[security bulletin] HPSBUX03529 SSRT102967 rev.1 - HP-UX BIND service running named, Remote Denial of Service (DoS) 2015-12-16
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c04923105

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04923105
Version: 1

HPSBUX03529 S

[ more ]  [ reply ]
Event Viewer Snapin multiple DLL side loading vulnerabilities 2015-12-16
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Event Viewer Snapin multiple DLL side loading vulnerabilities
------------------------------------------------------------------------

Yorick Koster, August 2015

----------------------------------------------------------------

[ more ]  [ reply ]
libnsbmp: heap overflow (CVE-2015-7508) and out-of-bounds read (CVE-2015-7507) 2015-12-16
Hans Jerry Illikainen (hji dyntopia com)

Overview
========

Libnsbmp[1] is a decoding library for BMP and ICO files. It is
primarily developed and used as part of the NetSurf project.

As of version 0.1.2, libnsbmp is vulnerable to a heap overflow
(CVE-2015-7508) and an out-of-bounds read (CVE-2015-7507).

CVE-2015-7508
=============

l

[ more ]  [ reply ]
FreeBSD Security Advisory FreeBSD-SA-15:27.bind 2015-12-16
FreeBSD Security Advisories (security-advisories freebsd org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

========================================================================
=====
FreeBSD-SA-15:27.bind Security Advisory
The FreeBSD Project

Topic:

[ more ]  [ reply ]
SQL Injection in orion.extfeedbackform Bitrix Module 2015-12-16
High-Tech Bridge Security Research (advisory htbridge ch)
Advisory ID: HTB23280
Product: orion.extfeedbackform Bitrix module
Vendor: www.orion-soft.ru
Vulnerable Version(s): 2.1.2 and probably prior
Tested Version: 2.1.2
Advisory Publication: November 18, 2015 [without technical details]
Vendor Notification: November 18, 2015
Vendor Patch: December 11,

[ more ]  [ reply ]
RCE in Zen Cart via Arbitrary File Inclusion 2015-12-16
High-Tech Bridge Security Research (advisory htbridge ch)
Advisory ID: HTB23282
Product: Zen Cart
Vendor: Zen Ventures, LLC
Vulnerable Version(s): 1.5.4
Tested Version: 1.5.4
Advisory Publication: November 25, 2015 [without technical details]
Vendor Notification: November 25, 2015
Vendor Patch: November 26, 2015
Public Disclosure: December 16, 2015
Vu

[ more ]  [ reply ]
libnsgif: stack overflow (CVE-2015-7505) and out-of-bounds read (CVE-2015-7506) 2015-12-16
Hans Jerry Illikainen (hji dyntopia com)

Overview
========

Libnsgif[1] is a decoding library for GIF images. It is primarily
developed and used as part of the NetSurf project.

As of version 0.1.2, libnsgif is vulnerable to a stack overflow
(CVE-2015-7505) and an out-of-bounds read (CVE-2015-7506) due to the way
LZW-compressed GIF data

[ more ]  [ reply ]
[slackware-security] openssl (SSA:2015-349-04) 2015-12-16
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] openssl (SSA:2015-349-04)

New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+

[ more ]  [ reply ]
[slackware-security] bind (SSA:2015-349-01) 2015-12-16
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] bind (SSA:2015-349-01)

New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patch

[ more ]  [ reply ]
(Page 11 of 1655)  < Prev  6 7 8 9 10 11 12 13 14 15 16  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus