BugTraq Mode:
(Page 15 of 525)  < Prev  10 11 12 13 14 15 16 17 18 19 20  Next >
Adobe Animate <= v15.2.1.95 Memory Corruption Vulnerability 2016-12-14
apparitionsec gmail com (hyp3rlinx)
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/ADOBE-ANIMATE-MEMORY-CORRUPTI
ON-VULNERABILITY.txt

[+] ISR: ApparitionSec

Vendor:
=============
www.adobe.com

Product(s):
=============================
Adobe An

[ more ]  [ reply ]
Secunia Research: Microsoft Windows Type 1 Font Processing Vulnerability 2016-12-14
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 2016/12/14

Microsoft Windows Type 1 Font Processing Vulnerability

======================================================================

Table of Contents

Affected Software......

[ more ]  [ reply ]
CVE-2013-3143: MSIE 9 IEFRAME CMarkup..Remove­Pointer­Pos use-after-free 2016-12-14
Berend-Jan Wever (berendj nwever nl)
Since November I have been releasing details on all vulnerabilities I
found that I have not released before. This is the 32nd entry in the
series. This information is available in more detail on my blog at
http://blog.skylined.nl/20161214001.html. There you can find a repro
that triggered this issue

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2016-348-01) 2016-12-13
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2016-348-01)

New mozilla-firefox packages are available for Slackware 14.1, 14.2,
and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
pa

[ more ]  [ reply ]
MSIE 9 MSHTML CMarkup::ReloadInCompatView use-after-free 2016-12-13
Berend-Jan Wever (berendj nwever nl)
Since November I have been releasing details on all vulnerabilities I
found that I have not released before. This is the thirty-first entry
in the series. This information is available in more detail on my blog
at http://blog.skylined.nl/20161213001.html. There you can find a repro
that triggered th

[ more ]  [ reply ]
APPLE-SA-2016-12-13-7 Additional information for APPLE-SA-2016-12-12-2 watchOS 3.1.1 2016-12-13
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-12-13-7 Additional information for
APPLE-SA-2016-12-12-2 watchOS 3.1.1

watchOS 3.1.1 addresses the following:

Accounts
Available for: All Apple Watch models
Impact: An issue existed which did not reset the authorization
settings on ap

[ more ]  [ reply ]
APPLE-SA-2016-12-13-8 Transporter 1.9.2 2016-12-13
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-12-13-8 Transporter 1.9.2

Transporter 1.9.2 is now available and addresses the following:

iTMSTransporter
Available for: iTunes Producer 3.1.1, OS X v10.6 and later (64 bit),
Windows 7 and later (32 bit), and Red Hat Enterprise Linux (

[ more ]  [ reply ]
APPLE-SA-2016-12-13-5 Additional information for APPLE-SA-2016-12-12-1 iOS 10.2 2016-12-13
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-12-13-5 Additional information for
APPLE-SA-2016-12-12-1 iOS 10.2

iOS 10.2 addresses the following:

Accessibility
Available for: iPhone 5 and later, iPad 4th generation and later,
iPod touch 6th generation and later
Impact: A nearby u

[ more ]  [ reply ]
APPLE-SA-2016-12-13-2 Safari 10.0.2 2016-12-13
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-12-13-2 Safari 10.0.2

Safari 10.0.2 is now available and addresses the following:

Safari Reader
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.1
Impact: Enabling the Safari Reader feature on a

[ more ]  [ reply ]
APPLE-SA-2016-12-13-3 iTunes 12.5.4 2016-12-13
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-12-13-3 iTunes 12.5.4

iTunes 12.5.4 is now available and addresses the following:

WebKit
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addres

[ more ]  [ reply ]
[slackware-security] kernel (SSA:2016-347-01) 2016-12-12
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] kernel (SSA:2016-347-01)

New kernel packages are available for Slackware 14.2 and -current to
fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/linux-4.4

[ more ]  [ reply ]
[slackware-security] php (SSA:2016-347-03) 2016-12-12
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] php (SSA:2016-347-03)

New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/php

[ more ]  [ reply ]
Apple iOS/tvOS/watchOS Remote memory corruption through certificate 2016-12-12
submit cxsec org
Apple iOS/tvOS/watchOS Remote memory corruption through certificate file
Source:
https://cxsecurity.com/issue/WLB-2016110046

------------------------------------------------------------------------
--------------
0. Short description
Special crafted certificate file may lead to memory corruption of

[ more ]  [ reply ]
APPLE-SA-2016-12-12-2 watchOS 3.1.1 2016-12-12
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-12-12-2 watchOS 3.1.1

watchOS 3.1.1 is now available and addresses the following:

Accounts
Available for: All Apple Watch models
Impact: An issue existed which did not reset the authorization
settings on app uninstall
Description: Thi

[ more ]  [ reply ]
APPLE-SA-2016-12-12-3 tvOS 10.1 2016-12-12
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-12-12-3 tvOS 10.1

tvOS 10.1 is now available and addresses the following:

Profiles
Available for: Apple TV (4th generation)
Impact: Opening a maliciously crafted certificate may lead to
arbitrary code execution
Description: A memory c

[ more ]  [ reply ]
APPLE-SA-2016-12-12-1 iOS 10.2 2016-12-12
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-12-12-1 iOS 10.2

iOS 10.2 is now available and addresses the following:

Accessibility
Available for: iPhone 5 and later, iPad 4th generation and later,
iPod touch 6th generation and later
Impact: A nearby user may be able to overhear

[ more ]  [ reply ]
[SECURITY] CVE-2016-8745 Apache Tomcat Information Disclosure 2016-12-12
Mark Thomas (markt apache org)
CVE-2016-8745 Apache Tomcat Information Disclosure

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
Apache Tomcat 9.0.0.M1 to 9.0.0.M13
Apache Tomcat 8.5.0 to 8.5.8
Earlier versions are not affected.

Description
The refactoring of the Connector code for 8.5.x onwards

[ more ]  [ reply ]
[SECURITY] [DSA 3730-1] icedove security update 2016-12-11
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3730-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
December 11, 2016

[ more ]  [ reply ]
MSIE 9 MSHTML CElement::Has­Flag memory corruption 2016-12-09
Berend-Jan Wever (berendj nwever nl)
Since November I have been releasing details on all vulnerabilities I
found that I have not released before. This is the twenty-ninth entry
in the series. This information is available in more detail on my blog
at http://blog.skylined.nl/20161209001.html. There you can find a repro
that triggered th

[ more ]  [ reply ]
Symantec VIP Access Desktop Arbitrary DLL Execution 2016-12-09
apparitionsec gmail com - hyp3rlinx
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/SYMANTEC-VIP-ACCESS-ARBITRARY
-DLL-EXECUTION.txt

[+] ISR: ApparitionSec

Vendor:
================
www.symantec.com

Product:
===================
Symantec VIP Acce

[ more ]  [ reply ]
AST-2016-009: <br> 2016-12-08
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - ASTERISK-2016-009

Product Asterisk
Summary
Nature of Advisory Authentication Bypass
Susceptibility Remote unauthenticated s

[ more ]  [ reply ]
AST-2016-008: Crash on SDP offer or answer from endpoint using Opus 2016-12-08
Asterisk Security Team (security asterisk org)
Asterisk Project Security Advisory - AST-2016-008

Product Asterisk
Summary Crash on SDP offer or answer from endpoint using
Opus

[ more ]  [ reply ]
CVE-2013-1306: MSIE 9 MSHTML CDisp­Node::Insert­Sibling­Node use-after-free details 2016-12-08
Berend-Jan Wever (berendj nwever nl)
Since November I have been releasing details on all vulnerabilities I
found that I have not released before. This is the twenty-eighth entry
in the series. This information is available in more detail on my blog
at http://blog.skylined.nl/20161208001.html. There you can find a repro
that triggered t

[ more ]  [ reply ]
[security bulletin] HPSBHF03674 rev.1 HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Remote Disclosure of Information 2016-12-07
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053494
99

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05349499

Version: 1

HPSBHF03674 rev.1

[ more ]  [ reply ]
Microsoft Remote Desktop Client for Mac Remote Code Execution 2016-12-07
Filippo Cavallarin (filippo cavallarin wearesegment com)

Advisory ID: SGMA16-004
Title: Microsoft Remote Desktop Client for Mac Remote Code Execution
Product: Microsoft Remote Desktop Client for Mac
Version: 8.0.36 and probably prior
Vendor: www.microsoft.com
Vulnerability type: Undisclosed
Risk level: 4 / 5
Credit: filippo.cavallarin (at) wearesegment (dot) com [email concealed]
CV

[ more ]  [ reply ]
[ESNC-2041217] Critical Security Vulnerability in PwC ACE Software for SAP Security 2016-12-07
ESNC Security (secure esnc de)
[ESNC-2041217] Critical Security Vulnerability in PwC ACE Software for
SAP Security

Please refer to https://www.esnc.de for the original security
advisory, updates, and additional information.

----------------------------------------------------------------------
1. Business Impact
---------------

[ more ]  [ reply ]
CVE-2015-1730: MSIE jscript9 Java­Script­Stack­Walker memory corruption details and PoC 2016-12-06
Berend-Jan Wever (berendj nwever nl)
Since November I have been releasing details on all vulnerabilities I
found in web-browsers that I had not released before. I will try to
continue to publish all my old vulnerabilities, including those not in
web-browser, as long as I can find some time to do so. If you find this
information useful,

[ more ]  [ reply ]
Re: CVE-2016-3222: MS Edge CBaseScriptable::PrivateQueryInterface memory corruption 2016-12-06
Berend-Jan Wever (berendj nwever nl)
FYI: this link to my blog was 404 until early this morning. It is now up
if you are still interested in reading it.

On 05-12-2016 11:55, Berend-Jan Wever wrote:
> Since November I have been releasing details on all vulnerabilities I
> found in web-browsers that I had not released before. I will try

[ more ]  [ reply ]
CVE-2016-8740, Server memory can be exhausted and service denied when HTTP/2 is used 2016-12-05
Eissing Stefan (stefan eissing gmail com)
Security Advisory - Apache Software Foundation
Apache HTTPD WebServer / httpd.apache.org

Server memory can be exhausted and service denied when HTTP/2 is used

CVE-2016-8740

The Apache HTTPD web server (from 2.4.17-2.4.23) did not apply limitations
on

[ more ]  [ reply ]
Microsoft MSINFO32.EXE ".NFO" Files XML External Entity 2016-12-04
apparitionsec gmail com/hyp3rlinx
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-MSINFO32-XXE-FILE-E
XFILTRATION.txt

[+] ISR: ApparitionSec

Vendor:
=================
www.microsoft.com

Product:
==========================
Windows Sys

[ more ]  [ reply ]
Microsoft Windows Media Center "ehshell.exe" XML External Entity 2016-12-04
apparitionsec gmail com/hyp3rlinx
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-MEDIA-CENTE
R-XXE-FILE-DISCLOSURE.txt

[+] ISR: ApparitionSec

Vendor:
==================
www.microsoft.com

Product:
===========================

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2016-336-01) 2016-12-01
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2016-336-01)

New mozilla-firefox packages are available for Slackware 14.1, 14.2,
and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
pa

[ more ]  [ reply ]
[security bulletin] HPSBUX03665 rev.3 - HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS), URL Redirection 2016-11-30
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053247
59

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05324759

Version: 3

HPSBUX03665 rev.3

[ more ]  [ reply ]
[security bulletin] HPSBGN03680 rev.1 - HPE Propel, Local Denial of Service (DoS), Escalation of Privilege 2016-11-30
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053475
41

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05347541

Version: 1

HPSBGN03680 rev.1

[ more ]  [ reply ]
[security bulletin] HPSBGN03677 rev.1 - HPE Network Automation using RPCServlet and Java Deserialization, Remote Code Execution 2016-11-30
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053448
49

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05344849

Version: 1

HPSBGN03677 rev.1

[ more ]  [ reply ]
[FOXMOLE SA 2016-05-02] e107 Content Management System (CMS) - Multiple Issues 2016-11-30
FOXMOLE Advisories (advisories foxmole com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=== FOXMOLE - Security Advisory 2016-05-02 ===

e107 Content Management System (CMS) - Multiple Issues
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Affected Versions
=================
e107 2.1.2 Bootstrap CMS

Issue Overview
==============

[ more ]  [ reply ]
[security bulletin] HPSBHF03682 rev.1 - HPE Comware 7 Network Products using SSL/TLS, Local Gain Privileged Access 2016-11-30
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053414
63

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05341463

Version: 1

HPSBHF03682 rev.1

[ more ]  [ reply ]
[RT-SA-2016-003] Less.js: Compilation of Untrusted LESS Files May Lead to Code Execution through the JavaScript Less Compiler 2016-11-30
RedTeam Pentesting GmbH (release redteam-pentesting de)
Advisory: Less.js: Compilation of Untrusted LESS Files May Lead to Code
Execution through the JavaScript Less Compiler

RedTeam Pentesting discovered behaviour in the Less.js compiler,
which allows execution of arbitrary code if an untrusted LESS file is
compiled.

Details
=======

Produc

[ more ]  [ reply ]
XSS in tooltip plugin of Zurb Foundation 5 2016-11-29
Winni Neessen (winni insecure so)
XSS vulnerabilty in the tooltip plugin of Zurb Foundation 5.x
=============================================================

URL to this advisory: https://nop.li/foundation5tooltipxss

Vendor
======
http://zurb.com/

Product
=======
(Taken from http://foundation.zurb.com/sites/docs/v/5.5.3/)
Foundat

[ more ]  [ reply ]
Google Chrome Accessibility blink::Node corruption details 2016-11-29
Berend-Jan Wever (berendj nwever nl)
Throughout November, I plan to release details on vulnerabilities I
found in web-browsers which I've not released before. This is the
twenty-first entry in that series. Unfortunately I won't be able to
publish everything within one month at the current rate, so I may
continue to publish these throug

[ more ]  [ reply ]
SEC Consult SA-20161128-0 :: DoS & heap-based buffer overflow in Guidance Software EnCase Forensic 2016-11-28
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20161128-0 >
=======================================================================
title: Denial of service & heap-based buffer overflow
product: Guidance Software EnCase Forensic Imager & EnCase Forensic
vulnerable versi

[ more ]  [ reply ]
[SECURITY] [DSA 3725-1] icu security update 2016-11-27
Luciano Bello (luciano debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3725-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Luciano Bello
November 27, 2016

[ more ]  [ reply ]
Core FTP LE v2.2 Remote SSH/SFTP Buffer Overflow 2016-11-27
apparitionsec gmail com/hyp3rlinx
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/CORE-FTP-REMOTE-SSH-SFTP-BUFF
ER-OVERFLOW.txt

[+] ISR: ApparitionSec

Vendor:
===============
www.coreftp.com

Product:
========================
Core FTP LE (clie

[ more ]  [ reply ]
WorldCIST'2017 - Submission deadline: November 30 2016-11-26
ML (marialemos72 gmail com)
* Best papers published in several SCI/SSCI-indexed journals
** Proceedings by Springer, indexed by ISI, Scopus, DBLP, EI-Compendex, etc.

------------------------------------------------------------------------
---------
WorldCIST'17 - 5th World Conference on Information Systems and Technologies
Po

[ more ]  [ reply ]
CVE 2016-6803: Apache OpenOffice Unquoted Search Path Vulnerability 2016-11-25
Apache OpenOffice Security (orcmid apache org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

CVE-2016-6803
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-6803>
Apache OpenOffice Advisory
<https://www.openoffice.org/security/cves/CVE-2016-6803.html>

Title: Windows Installer Can Enable Privileged Trojan Execution

Version 1.0
Announced O

[ more ]  [ reply ]
Call for Participation - 5th International Conference on Cyber Security, Cyber Welfare and Digital Forensic 2016-11-25
Jackie Blanco (jackie sdiwc info)
*********************************************************************
Call for Participation

CyberSec2017: The Fifth International Conference on Cyber Security,
Cyber Welfare and Digital Forensic

22-24 April 2017, St. Mary's University, Addis Ababa, Ethiopia

https://goo.gl/mbDr7F

**************

[ more ]  [ reply ]
[SECURITY] [DSA 3724-1] gst-plugins-good0.10 security update 2016-11-24
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3724-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
November 24, 2016

[ more ]  [ reply ]
Call for Participation - 5th International Conference on Cyber Security, Cyber Welfare and Digital Forensic 2016-11-25
Jackie Blanco (jackie sdiwc info)
*********************************************************************
Call for Participation

CyberSec2017: The Fifth International Conference on Cyber Security,
Cyber Welfare and Digital Forensic

22-24 April 2017, St. Mary's University, Addis Ababa, Ethiopia

https://goo.gl/mbDr7F

**************

[ more ]  [ reply ]
[SECURITY] [DSA 3723-1] gst-plugins-good1.0 security update 2016-11-24
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3723-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
November 24, 2016

[ more ]  [ reply ]
WorldCIST'17 - Submission deadline: November 27 2016-11-24
ML (marialemos72 gmail com)
* Best papers published in SCI/SSCI-indexed journals
** Proceedings by Springer, indexed in ISI, Scopus, DBLP, EI-Compendex, etc.

------------------------------------------------------------------------
---------
WorldCIST'17 - 5th World Conference on Information Systems and Technologies
Porto Sant

[ more ]  [ reply ]
[SYSS-2016-107] EASY HOME Alarmanlagen-Set - Cryptographic Issues (CWE-310) 2016-11-24
gerhard klostermeier syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-107
Product: EASY HOME Alarmanlagen-Set
Manufacturer: monolith GmbH
Affected Version(s): Model No. MAS-S01-09
Tested Version(s): Model No. MAS-S01-09
Vulnerability Type: Cryptographic Issues (CWE-310)
Risk Level: Low
Solution St

[ more ]  [ reply ]
[SYSS-2016-071] Blaupunkt Smart GSM Alarm SA 2500 Kit - Missing Protection against Replay Attacks 2016-11-24
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-071
Product: Smart GSM Alarm SA 2500 Kit
Manufacturer: Blaupunkt
Affected Version(s): v1.0
Tested Version(s): v1.0
Vulnerability Type: Missing Protection against Replay Attacks
Risk Level: Medium
Solution Status: Open
Manufactur

[ more ]  [ reply ]
[SYSS-2016-064] Multi Kon Trade M2B GSM Wireless Alarm System - Improper Restriction of Excessive Authentication Attempts (CWE-307) 2016-11-24
gerhard klostermeier syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-064
Product: M2B GSM Wireless Alarm System
Manufacturer: Multi Kon Trade
Affected Version(s): Unspecified
Tested Version(s): Unspecified
Vulnerability Type: Improper Restriction of Excessive Authentication
At

[ more ]  [ reply ]
[SYSS-2016-066] Multi Kon Trade M2B GSM Wireless Alarm System - Missing Protection against Replay Attacks 2016-11-24
gerhard klostermeier syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-066
Product: M2B GSM Wireless Alarm System
Manufacturer: Multi Kon Trade
Affected Version(s): Unspecified
Tested Version(s): Unspecified
Vulnerability Type: Missing Protection against Replay Attacks
Risk Level: Medium
Solution S

[ more ]  [ reply ]
[CVE-2016-7098] GNU Wget < 1.18 Access List Bypass / Race Condition 2016-11-24
Dawid Golunski (dawid legalhackers com)
Vulnerability: GNU Wget < 1.18 Access List Bypass / Race Condition
CVE-2016-7098

Discovered by: Dawid Golunski (@dawid_golunski)
https://legalhackers.com

Severity: Medium

GNU wget in version 1.17 and earlier, when used in mirroring/recursive mode,
is affected by a Race Condition vulnerability th

[ more ]  [ reply ]
[security bulletin] HPSBHF03673 rev.1 - HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Multiple Remote Vulnerabilities 2016-11-23
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053368
88

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05336888

Version: 1

HPSBHF03673 rev.1

[ more ]  [ reply ]
CVE-2015-1251: Chrome blink Speech­Recognition­Controller use-after-free details 2016-11-23
Berend-Jan Wever (berendj nwever nl)
Throughout November, I plan to release details on vulnerabilities I
found in web-browsers which I've not released before. This is the
seventeenth entry in that series. Unfortunately I won't be able to
publish everything within one month at the current rate, so I may
continue to publish these through

[ more ]  [ reply ]
[SYSS-2016-106] EASY HOME Alarmanlagen-Set - Missing Protection against Replay Attacks 2016-11-23
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-106
Product: EASY HOME Alarmanlagen-Set
Manufacturer: monolith GmbH
Affected Version(s): Model No. MAS-S01-09
Tested Version(s): Model No. MAS-S01-09
Vulnerability Type: Missing Protection against Replay Attacks
Risk Level: Medi

[ more ]  [ reply ]
[SYSS-2016-072] Olympia Protect 9061 - Missing Protection against Replay Attacks 2016-11-23
matthias deeg syss de
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Advisory ID: SYSS-2016-072
Product: Protect 9061
Manufacturer: Olympia
Affected Version(s): Article No. 5943 rev.03
Tested Version(s): Article No. 5943 rev.03
Vulnerability Type: Missing Protection against Replay Attacks
Risk Level: Medium
Solution St

[ more ]  [ reply ]
[CORE-2016-0007] - TP-LINK TDDP Multiple Vulnerabilities 2016-11-22
CORE Advisories Team (advisories coresecurity com)
1. Advisory Information

Title: TP-LINK TDDP Multiple Vulnerabilities
Advisory ID: CORE-2016-0007
Advisory URL: http://www.coresecurity.com/advisories/tp-link-tddp-multiple-vulnerabili
ties
Date published: 2016-11-21
Date of last update: 2016-11-18
Vendors contacted: TP-Link
Release mode: User releas

[ more ]  [ reply ]
CVE-2015-0050: Microsoft Internet Explorer 8 MSHTML SRunPointer::SpanQualifier/RunType OOB read details 2016-11-22
Berend-Jan Wever (berendj nwever nl)
Throughout November, I plan to release details on vulnerabilities I
found in web-browsers which I've not released before. This is the
sixteenth entry in that series. Unfortunately I won't be able to
publish everything within one month at the current rate, so I may
continue to publish these through D

[ more ]  [ reply ]
Web vulnerabilities in Siemens S7-300/S7-400/CP343-1/CP443-1 2016-11-21
Andrea Barisani (andrea inversepath com)

The following vulnerabilities have been reported to Siemens CERT and are now
covered by by Siemens Security Advisory SSA-603476, published today
(2016-11-21) and available at the following URL:

http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-6034
76.pdf

-- CVE-016-8672 --------

[ more ]  [ reply ]
[SECURITY] [DSA 3719-1] wireshark security update 2016-11-21
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3719-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
November 21, 2016

[ more ]  [ reply ]
[ERPSCAN-16-034] SAP NetWeaver AS JAVA - XXE vulnerability in BC-BMT-BPM-DSK component 2016-11-21
ERPScan inc (erpscan online gmail com)
Application: SAP NetWeaver AS JAVA

Versions Affected: SAP NetWeaver AS JAVA 7.4

Vendor URL: http://SAP.com

Bug: XXE

Sent: 09.03.2016

Reported: 10.03.2016

Vendor response: 10.03.2016

Date of Public Advisory: 09.08.2016

Reference: SAP Security Note 2296909

Author: Vahagn Vardanyan (ERPScan)

[ more ]  [ reply ]
Nginx (Debian-based distros) - Root Privilege Escalation (CVE-2016-1247) 2016-11-21
Dawid Golunski (dawid legalhackers com)
Vulnerability: Nginx (Debian-based distros) - Root Privilege
Escalation (CVE-2016-1247)

Discovered by: Dawid Golunski (@dawid_golunski)
https://legalhackers.com

Nginx web server packaging on Debian-based distributions such as Debian or
Ubuntu was found to create log directories with insecure permi

[ more ]  [ reply ]
[RCESEC-2016-009] AppFusions Doxygen for Atlassian Confluence v1.3.2 renderContent() Persistent Cross-Site Scripting 2016-11-20
Julien Ahrens (info rcesecurity com)
RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: AppFusions Doxygen for Atlassian Confluence
Vendor URL: www.appfusions.com
Type: Cross-site Scripting [CWE-79]
Date found: 2016-06-29
Date published: -
CVSSv3 Score:

[ more ]  [ reply ]
[RCESEC-2016-008] AppFusions Doxygen for Atlassian Confluence v1.3.2 renderContent() Full Path Information Disclosure 2016-11-20
Julien Ahrens (info rcesecurity com)
RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: AppFusions Doxygen for Atlassian Confluence
Vendor URL: www.appfusions.com
Type: Information Exposure Through an Error Message [CWE-209]
Date found: 2016-06-29
Date p

[ more ]  [ reply ]
[RCESEC-2016-007] AppFusions Doxygen for Atlassian Confluence v1.3.0 getTemporaryDirectory() tempId Path Traversal/Remote Code Execution 2016-11-20
Julien Ahrens (julien ahrens rcesecurity com)
RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: AppFusions Doxygen for Atlassian Confluence
Vendor URL: www.appfusions.com
Type: Path Traversal [CWE-22]
Date found: 2016-06-23
Date published: -
CVSSv3 Score: 6.3

[ more ]  [ reply ]
Multiple issues in OpManager 12100 & 12200 2016-11-20
Michael Heydon (michael mheydon net)
Title: Multiple issues in OpManager
Author: Michael Heydon
Product: OpManager
Tested Versions: 12100 & 12200
Vendor: Zoho ManageEngine
Vendor Notified: 2016-08-14
Disclosure Date: 2016-11-20

Product Description:
====================
OpManager is a web-based network monitoring system. It is used p

[ more ]  [ reply ]
[security bulletin] HPSBHF03675 rev.1 - HPE Integrated Lights-Out 3 and 4 (iLO 3, iLO 4), Cross-Site Scripting (XSS) 2016-11-20
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053370
25

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05337025

Version: 1

HPSBHF03675 rev.1

[ more ]  [ reply ]
Putty Cleartext Password Storage 2016-11-20
apparitionsec gmail com/hyp3rlinx
[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/PUTTY.EXE-INSECURE-PASSWORD-S
TORAGE.txt

[+] ISR: ApparitionSec

Vendor:
==========================
www.chiark.greenend.org.uk

Product:
===========
Putty.exe
v0.

[ more ]  [ reply ]
[RCESEC-2016-007] AppFusions Doxygen for Atlassian Confluence v1.3.0 getTemporaryDirectory() tempId Path Traversal/Remote Code Execution 2016-11-20
Julien Ahrens (info rcesecurity com)
RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: AppFusions Doxygen for Atlassian Confluence
Vendor URL: www.appfusions.com
Type: Path Traversal [CWE-22]
Date found: 2016-06-23
Date published: -
CVSSv3 Score: 6.3

[ more ]  [ reply ]
Stored Cross-Site Scripting in WP Canvas - Shortcodes WordPress Plugin 2016-11-19
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Stored Cross-Site Scripting in WP Canvas - Shortcodes WordPress Plugin
------------------------------------------------------------------------

Yorick Koster, July 2016

---------------------------------------------------------

[ more ]  [ reply ]
Cross-Site Scripting in Check Email WordPress Plugin 2016-11-19
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting in Check Email WordPress Plugin
------------------------------------------------------------------------

Antonis Manaras, July 2016

------------------------------------------------------------------------

[ more ]  [ reply ]
Cross-Site Scripting in Huge IT Portfolio Gallery WordPress Plugin 2016-11-19
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting in Huge IT Portfolio Gallery WordPress Plugin
------------------------------------------------------------------------

Antonis Manaras, July 2016

-----------------------------------------------------------

[ more ]  [ reply ]
[slackware-security] mozilla-firefox (SSA:2016-323-01) 2016-11-18
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-firefox (SSA:2016-323-01)

New mozilla-firefox packages are available for Slackware 14.1, 14.2,
and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
pa

[ more ]  [ reply ]
CVE-2016-3247 Microsoft Edge CTextExtractor::GetBlockText OOB read details 2016-11-18
Berend-Jan Wever (berendj nwever nl)
Throughout November, I plan to release details on vulnerabilities I
found in web-browsers which I've not released before. This is the
fourteenth entry in that series. Unfortunately I won't be able to
publish everything within one month at the current rate, so I may
continue to publish these through

[ more ]  [ reply ]
Reason Core Security v1.2.0.1 - Unqoted Path Privilege Escalation Vulnerability 2016-11-18
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Reason Core Security v1.2.0.1 - Unqoted Path Privilege Escalation Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2003

Release Date:
=============
2016-11-14

Vulnerability Laboratory ID (VL-ID):
======

[ more ]  [ reply ]
[ERPSCAN-16-031] SAP NetWeaver AS ABAP â?? directory traversal using READ DATASET 2016-11-18
ERPScan inc (erpscan online gmail com)
Application: SAP NetWeaver AS ABAP

Versions Affected: SAP NetWeaver AS ABAP 7.4

Vendor URL: http://SAP.com

Bugs: Directory traversal

Sent: 22.04.2016

Reported: 23.04.2016

Vendor response: 23.04.2016

Date of Public Advisory: 09.08.2016

Reference: SAP Security Note 2312966

Author: Daria Pro

[ more ]  [ reply ]
[ERPSCAN-16-032] SAP Telnet Console â?? Directory traversal vulnerability 2016-11-18
ERPScan inc (erpscan online gmail com)
Application: SAP NetWeaver AS JAVA

Versions Affected: SAP NetWeaver AS JAVA 7.1 to 7.5

Vendor URL: http://SAP.com

Bugs: Directory traversal

Sent: 04.12.2015

Reported: 05.12.2015

Vendor response: 05.12.2015

Date of Public Advisory: 09.08.2016

Reference: SAP Security Note 2280371

Author:

[ more ]  [ reply ]
Executable installers are vulnerable^WEVIL (case 41): EmsiSoft's Emergency Kit allows elevation of privilege for everybody 2016-11-17
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

in response to <http://seclists.org/fulldisclosure/2016/Jan/24>
EmsiSoft fixed some of the DLL hijacking vulnerabilities in some
of their executable installers and unpackers.

EmsisoftEmergencyKit.exe still has beginner's errors which allow
escalation of privilege for EVERY local user:

0.

[ more ]  [ reply ]
[SECURITY] [DSA 3716-1] firefox-esr security update 2016-11-16
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3716-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
November 16, 2016

[ more ]  [ reply ]
[security bulletin] HPSBGN03676 rev.1 - HPE Helion OpenStack Glance Image Service, Remote Denial of Service (DoS) 2016-11-16
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053333
84

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05333384

Version: 1

HPSBGN03676 rev.1

[ more ]  [ reply ]
CVE-2015-2482 MSIE 8 jscript RegExpBase::FBadHeader use-after-free details 2016-11-16
Berend-Jan Wever (berendj nwever nl)
Throughout November, I plan to release details on vulnerabilities I
found in web-browsers which I've not released before. This is the
twelfth entry in that series. Unfortunately I won't be able to publish
everything within one month at the current rate, so I may continue to
publish these through Dec

[ more ]  [ reply ]
[security bulletin] HPSBST03671 rev.1 - HPE StoreEver MSL6480 Tape Library, Remote Unauthorized Disclosure of Information 2016-11-15
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053332
97

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05333297

Version: 1

HPSBST03671 rev.1

[ more ]  [ reply ]
Actiontec WCB3000N (Telus Branded) Local Unauthenticated Privilege Elevation and Password Reset 2016-11-15
Andrew Klaus (andrewklaus gmail com)
### Device Details
Vendor: Actiontec (Telus Branded)
Model: WCB3000N
Affected Firmware: v0.16.2.5
Device Manual: http://static.telus.com/common/cms/files/internet/wifi_plus_extender.pdf

Reported: November 2015
Status: Fixed on newest pushed firmware version
CVE: Update is handled by the vendor, th

[ more ]  [ reply ]
CVE-2016-4484: - Cryptsetup Initrd root Shell 2016-11-14
Hector Marco (hmarco hmarco org) (1 replies)
Hello All,

Affected package
----------------
Cryptsetup <= 2:1

CVE-ID
------
CVE-2016-4484

Description
-----------
A vulnerability in Cryptsetup, concretely in the scripts that unlock the
system partition when the partition is ciphered using LUKS (Linux
Unified Key Setup).

This vulnerability

[ more ]  [ reply ]
Re: [oss-security] CVE-2016-4484: - Cryptsetup Initrd root Shell 2016-11-15
Leo Famulari (leo famulari name)
[security bulletin] HPSBUX03665 rev.2 - HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS) and URL Redirection 2016-11-14
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053247
59

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05324759

Version: 2

HPSBUX03665 rev.2

[ more ]  [ reply ]
[security bulletin] HPSBGN03669 rev.1 - HPE SiteScope, Local Elevation of Privilege, Remote Denial of Service, Arbitrary Code Execution and Cross-Site Request Forgery 2016-11-14
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Note: the current version of the following document is available here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c053247
55

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05324755

Version: 1

HPSBGN03669 rev.1

[ more ]  [ reply ]
SEC Consult SA-20161114-0 :: Multiple vulnerabilities in I-Panda SolarEagle - Solar Controller Administration Software / MPPT Solar Controller SMART2 2016-11-14
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult Vulnerability Lab Security Advisory < 20161114-0 >
=======================================================================
title: Multiple vulnerabilities
product: I-Panda SolarEagle - Solar Controller Administration
Software / MPPT Solar Co

[ more ]  [ reply ]
WHM Panel Mail Delivery Reports crash database Vulnerability 2016-11-13
iedb team gmail com
Mail Delivery Reports crash database Local Vulnerability in WHM Panel All Version

###########################

# WHM Panel Mail Delivery Reports crash database Vulnerability

###########################

#####################################

# Iranian Exploit DataBase And Security

[ more ]  [ reply ]
Multiple vulnerabilities in Barco Clickshare 2016-11-14
vincent ruijter kpn com
CVE-2016-3149 - Remote Code Execution in Barco ClickShare CSC-1 and CSM-1
Affected versions: all versions prior to v01.09.03 (CSC-1) and v01.06.02 (CSM-1).
A remote code execution vulnerability exists within the Barco ClickShare base unit software, that could lead to full compromise of the appliance

[ more ]  [ reply ]
WHM Panel Mail Delivery Reports crash database Vulnerability 2016-11-12
iedb team gmail com
Mail Delivery Reports crash database in whm panel 60.0 ( build 17) version local exploit
Pic:http://kkli.ir/C6LGY

#####################################

# Iranian Exploit DataBase And Security Team - iedb.ir

# Title : WHM Panel Mail Delivery Reports crash database Vulnerability

#

[ more ]  [ reply ]
CVE-2015-0040: Microsoft Internet Explorer 11 MSHTML CMapElement::Notify use-after-free details 2016-11-14
Berend-Jan Wever (berendj nwever nl)
Throughout November, I plan to release details on vulnerabilities I
found in web-browsers which I've not released before. This is the
tenth entry in that series.

The below information is available in more detail on my blog at
http://blog.skylined.nl/20161114001.html.

Follow me on http://twitter.co

[ more ]  [ reply ]
[CVE-2016-8736] Apache Openmeetings RMI Registry Java Deserialization RCE 2016-11-13
Maxim Solodovnik (solomax apache org)
Severity: Moderate

Vendor: The Apache Software Foundation

Versions Affected: Apache OpenMeetings 3.1.0

Description: Apache Openmeetings is vulnerable to Remote Code
Execution via RMI deserialization attack

The issue was fixed in 3.1.2
All users are recommended to upgrade to Apache OpenMeetings 3

[ more ]  [ reply ]
CVE-2016-9277: A IDX Out of Bound vulnerability in systemui can make crash and ui restart 2016-11-12
unlimitsec gmail com
Description of the potential vulnerability:
Severity: Low
Affected versions: L(5.0/5.1), M(6.0)
Disclosure status: Privately disclosed.
One of the activities in SystemUI can produce array index out of bounds exception as a combination of some APIs and it leads to UI restart.
The patch fixes the vuln

[ more ]  [ reply ]
[SECURITY] [DSA 3711-1] mariadb-10.0 security update 2016-11-11
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3711-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
November 11, 2016

[ more ]  [ reply ]
Secunia Research: Microsoft Windows OTF Parsing Table Encoding Record Offset Vulnerability 2016-11-10
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 2016/11/10

Microsoft Windows OTF Parsing Table Encoding Record Offset

Vulnerability

=================================================================

[ more ]  [ reply ]
CVE-2016-6809 â?? Arbitrary Code Execution Vulnerability in Apache Tikaâ??s MATLAB Parser 2016-11-10
tallison apache org
CVE-2016-6809 â?? Arbitrary Code Execution Vulnerability in Apache Tikaâ??s MATLAB Parser

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected: 1.6-1.13

Description: Apache Tika wraps the jmatio parser (https://github.com/gradusnikov/jmatio) to handle MATLAB files. T

[ more ]  [ reply ]
(Page 15 of 525)  < Prev  10 11 12 13 14 15 16 17 18 19 20  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus