BugTraq Mode:
(Page 20 of 525)  < Prev  15 16 17 18 19 20 21 22 23 24 25  Next >
Neoscreen v4.5 Cross-site scripting 2016-07-24
alex_haynes outlook com
Exploit Title: Neoscreen Cross-site scripting
Product: Neoscreen by Cube Digital Media
Vulnerable Versions: 4.5 and all previous versions
Tested Version: 4.5
Advisory Publication: July 24, 2016
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: NONE
Credit: Alex Haynes

Advisory Detail

[ more ]  [ reply ]
Neoscreen v4.5 Blind SQL injection 2016-07-24
alex_haynes outlook com
Exploit Title: Neoscreen Blind SQL injection
Product: Neoscreen by Cube Digital Media
Vulnerable Versions: 4.5 and all previous versions
Tested Version: 4.5
Advisory Publication: July 24, 2016
Vulnerability Type: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') [C

[ more ]  [ reply ]
Neoscreen v4.5 Authentication bypass 2016-07-24
alex_haynes outlook com
Exploit Title: Neoscreen v4.5 Authentication bypass
Product: Neoscreen by Cube Digital Media
Vulnerable Versions: 4.5 and all previous versions
Tested Version: 4.5
Advisory Publication: July 24, 2016
Vulnerability Type: Authentication Bypass Issues [CWE-592]
CVE Reference: NONE
Credit: Alex Haynes

[ more ]  [ reply ]
[SECURITY] [DSA 3626-1] openssh security update 2016-07-24
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3626-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
July 24, 2016

[ more ]  [ reply ]
Autobahn|Python Insecure allowedOrigins validation >= 0.14.1 2016-07-23
mgill c0ffee me
Observation:
Autobahn|Python incorrectly checks the Origin header when the 'allowedOrigins' value is set. This can allow third parties to execute legitimate requests for WAMP WebSocket requests against an Autobahn|Python/Crossbar.io server within another browser's context.

Proof of Concept:
The fol

[ more ]  [ reply ]
Defense in depth -- the Microsoft way (part 41): vulnerable by (poor implementation of bad) design 2016-07-23
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

Windows 7 introduced the "Deployment Image Servicing and Management"
tool DISM.exe; this command line program is called for example by
its predecessor PkgMgr.exe (a GUI program which requests elevated
privileges), or by Windows Update (which runs under SYSTEM account).

DISM.exe needs to be

[ more ]  [ reply ]
Executable installers are vulnerable^WEVIL (case 37): eclipse-inst-win*.exe vulnerable to DLL redirection and manifest hijacking 2016-07-23
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

this is a followup to "case 36" (posted as "case 35" by mistake),
<http://seclists.org/bugtraq/2016/Jul/82>.

Proof of concept #1:
~~~~~~~~~~~~~~~~~~~~

1. On a 64-bit edition of Windows download the 32-bit and 64-bit
executable installers "eclipse-inst-win32.exe" and
"eclipse-inst-w

[ more ]  [ reply ]
[slackware-security] bind (SSA:2016-204-01) 2016-07-22
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] bind (SSA:2016-204-01)

New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------

[ more ]  [ reply ]
Cross-Site Scripting in Contact Form to Email WordPress Plugin 2016-07-24
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting in Contact Form to Email WordPress Plugin
------------------------------------------------------------------------

Burak Kelebek, July 2016

-----------------------------------------------------------------

[ more ]  [ reply ]
CA20160721-01: Security Notice for CA eHealth 2016-07-22
Kotas, Kevin J (Kevin Kotas ca com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

CA20160721-01: Security Notice for CA eHealth

Issued: 2016-07-21
Last Updated: 2016-07-21

CA Technologies Support is alerting customers to multiple potential risks
with CA eHealth. Two vulnerabilities exist in the web interface,
CVE-2016-6151 and CV

[ more ]  [ reply ]
[CVE-2016-5000] XML External Entity (XXE) Vulnerability in Apache POI's XLSX2CSV Example 2016-07-22
Tim Allison (tallison apache org)
CVE-2016-5000: XML External Entity (XXE) Vulnerability in Apache POI's XLSX2CSV Example

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected: POI 3.5-3.13

Description:

Apache POI's XLSX2CSV example uses Java's XML components to parse OpenXML files. Applications and

[ more ]  [ reply ]
MySQL zero-day vulnerabilities (July 2016 CPU) 2016-07-22
lem nikolas gmail com
MySQL is the most popular and most widely used database in the world. MySQL customers include NASA, US Navy, Google, Facebook, Twitter just to cite a few..

In partnership with Oracle Inc. we have worked delicately to enhance the security of the open-source product, and to identify and mitigate tho

[ more ]  [ reply ]
[SECURITY] [DSA 3625-1] squid3 security update 2016-07-22
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3625-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
July 22, 2016

[ more ]  [ reply ]
Dreammail 5 mail client XSS Vulnerability 2016-07-22
wwiinngd gmail com
Title: Dreammail 5 mail client XSS Vulnerability
Software : Dreammail

Software Version : v5.16

Vendor: www.dreammail.org

Vulnerability Published : 2016-03-21

Author:zhenwei_qi
Email:wwiinngd (at) gmail (dot) com [email concealed]
Impact : Medium(CVSS2 Base : 4.3, AV:N/AC:M/Au:N/C:N/I:P/A:N)

Bug Description :
Dream

[ more ]  [ reply ]
[slackware-security] gimp (SSA:2016-203-01) 2016-07-21
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] gimp (SSA:2016-203-01)

New gimp packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/

[ more ]  [ reply ]
[slackware-security] php (SSA:2016-203-02) 2016-07-21
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] php (SSA:2016-203-02)

New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/php

[ more ]  [ reply ]
[security bulletin] HPSBGN03631 rev.1 - HPE IceWall Identity Manager and HPE IceWall SSO Password Reset Option running Apache Commons FileUpload, Remote Denial of Service (DoS) 2016-07-21
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05204371

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05204371
Version: 1

HPSBGN03631 r

[ more ]  [ reply ]
MySQL zero-day vulnerabilities (July 2016 CPU) 2016-07-21
lem nikolas gmail com
MySQL is the most popular and most widely used database in the world. MySQL customers include NASA, US Navy, Google, Facebook, Twitter just to cite a few..

In partnership with Oracle Inc. we have worked delicately to enhance the security of the open-source product, and to identify and mitigate thos

[ more ]  [ reply ]
[SECURITY] [DSA 3624-1] mysql-5.5 security update 2016-07-21
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3624-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
July 21, 2016

[ more ]  [ reply ]
Cisco Security Advisory: Vulnerability in Objective Systems ASN1C Compiler Affecting Cisco Products 2016-07-21
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Vulnerability in Objective Systems ASN1C Compiler Affecting Cisco Products

Advisory ID: cisco-sa-20160721-asn1c

Revision: 1.0

For Public Release: 2016 July 21 19:00 GMT

+---------------------------------------------------

[ more ]  [ reply ]
CVE-2016-5399: php: out-of-bounds write in bzread() 2016-07-21
Hans Jerry Illikainen (hji dyntopia com)
PHP 7.0.8, 5.6.23 and 5.5.37 does not perform adequate error handling in
its `bzread()' function:

php-7.0.8/ext/bz2/bz2.c
,----
| 364 static PHP_FUNCTION(bzread)
| 365 {
| ...
| 382 ZSTR_LEN(data) = php_stream_read(stream, ZSTR_VAL(data), ZSTR_LEN(data));
| 383 ZSTR_VAL(data)[ZSTR_LEN(data)

[ more ]  [ reply ]
Persistent Cross-Site Scripting in WooCommerce using image metadata (EXIF) 2016-07-20
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Persistent Cross-Site Scripting in WooCommerce using image metadata
(EXIF)
------------------------------------------------------------------------

Han Sahin, July 2016

---------------------------------------------------------

[ more ]  [ reply ]
Cross-Site Scripting vulnerability in Paid Memberships Pro WordPress Plugin 2016-07-20
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting vulnerability in Paid Memberships Pro WordPress
Plugin
------------------------------------------------------------------------

Burak Kelebek, July 2016

----------------------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco Unified Computing System Performance Manager Input Validation Vulnerability 2016-07-20
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco Unified Computing System Performance Manager Input Validation Vulnerability

Advisory ID: cisco-sa-20160720-ucsperf

Revision 1.0

For Public Release 2016 July 20 16:00 GMT (UTC)

+--------------------------------------

[ more ]  [ reply ]
[SEARCH-LAB advisory] UPC Hungary network problems 2016-07-20
Gergely Eberhardt (gergely eberhardt search-lab hu)
UPC network problems
--------------------

Platforms / Firmware confirmed affected:
- UPC Hungary network

Problems
--------
Network and device configuration problems
Administration password is sent to the device in plain in the
configuration file
Administration password, which is used also for the

[ more ]  [ reply ]
[SEARCH-LAB advisory] Compal CH7465LG-LC modem/router multiple vulnerabilities 2016-07-20
Gergely Eberhardt (gergely eberhardt search-lab hu)
Compal CH7465LG-LC modem/router multiple vulnerabilities
--------------------------------------------------------

The following vulnerabilities are the result of a quick check (~3 hours)
of the Mercury modem. We performed a systematic and deeper evaluation of
this device also, which result will be

[ more ]  [ reply ]
[SEARCH-LAB advisory] Hitron CGNV4 modem/router multiple vulnerabilities 2016-07-20
Gergely Eberhardt (gergely eberhardt search-lab hu)
Hitron CGNV4 modem/router multiple vulnerabilities
--------------------------------------------------

Platforms / Firmware confirmed affected:
- Hitron CGNV4, 4.3.9.9-SIP-UPC
- Product page: http://www.hitrontech.com/en/cable_detail.php?id=62

Vulnerabilities
---------------
Insecure session manage

[ more ]  [ reply ]
[SEARCH-LAB advisory] Technicolor TC7200 modem/router multiple vulnerabilities 2016-07-20
Gergely Eberhardt (gergely eberhardt search-lab hu)
Technicolor TC7200 modem/router multiple vulnerabilities
--------------------------------------------------------

Platforms / Firmware confirmed affected:
- Technicolor TC7200, STD6.02.11
- Product page:
http://www.technicolor.com/en/solutions-services/connected-home/broadban
d-devices/cable-modems-

[ more ]  [ reply ]
[SEARCH-LAB advisory] Cisco EPC3925 UPC modem/router default passphrase vulnerabilities 2016-07-20
Gergely Eberhardt (gergely eberhardt search-lab hu)
Cisco EPC3925 UPC modem/router default passphrase vulnerabilities
-----------------------------------------------------------------

Platforms / Firmware confirmed affected:
- Cisco EPC3925, ESIP-12-v302r125573-131230c_upc

Vulnerabilities
---------------
Default SSID and passphrase can be calculate

[ more ]  [ reply ]
[SECURITY] [DSA 3623-1] apache2 security update 2016-07-20
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3623-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
July 20, 2016

[ more ]  [ reply ]
CVE-2016-5080: Memory corruption in code generated by Objective Systems Inc. ASN1C compiler for C/C++ [STIC-2016-0603] 2016-07-19
Programa STIC (stic fundacionsadosky org ar)
Fundación Dr. Manuel Sadosky - Programa STIC Advisory
www.fundacionsadosky.org.ar

Heap memory corruption in ASN.1 parsing code generated by Objective
Systems Inc. ASN1C compiler for C/C++

1. *Advisory Information*

Title: Heap memory corruption in ASN.1 parsing code generated by
Objective S

[ more ]  [ reply ]
Multiple SQL injection vulnerabilities in WordPress Video Player 2016-07-19
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Multiple SQL injection vulnerabilities in WordPress Video Player
------------------------------------------------------------------------

David Vaartjes & Yorick Koster, July 2016

----------------------------------------------

[ more ]  [ reply ]
Cross-Site Request Forgery in Icegram WordPress Plugin 2016-07-19
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Request Forgery in Icegram WordPress Plugin
------------------------------------------------------------------------

Yorick Koster, July 2016

------------------------------------------------------------------------

[ more ]  [ reply ]
Multiple Cross-Site Scripting vulnerabilities in Ninja Forms WordPress Plugin 2016-07-19
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Multiple Cross-Site Scripting vulnerabilities in Ninja Forms WordPress
Plugin
------------------------------------------------------------------------

Han Sahin, July 2016

------------------------------------------------------

[ more ]  [ reply ]
Executable installers are vulnerable^WEVIL (case 35): eclipse-inst-win*.exe vulnerable to DLL and EXE hijacking 2016-07-19
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

eclipse-inst-win32.exe (and of course eclipse-inst-win64.exe
too) loads and executes multiple DLLs (in version 4.5 also
CMD.EXE) from its "application directory".

* version 4.5 ("Mars") on Windows 7:
UXTheme.dll, WindowsCodecs.dll, AppHelp.dll, SrvCli.dll,
Slc.dll, NTMarta.dll, ProfAPI

[ more ]  [ reply ]
Django CMS v3.3.0 - (Editor Snippet) Persistent Web Vulnerability (CVE-2016-6186) 2016-07-19
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Django CMS v3.3.0 - (Editor Snippet) Persistent Web Vulnerability (CVE-2016-6186)

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1869

Security Release: https://www.djangoproject.com/weblog/2016/jul/18/security-releases

[ more ]  [ reply ]
APPLE-SA-2016-07-18-6 iTunes 12.4.2 2016-07-19
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-07-18-6 iTunes 12.4.2

iTunes 12.4.2 for Windows is now available and addresses the following:

libxml2
Impact: Multiple vulnerabilities in libxml2
Description: Multiple memory corruption issues were addressed
through improved memory h

[ more ]  [ reply ]
APPLE-SA-2016-07-18-5 Safari 9.1.2 2016-07-19
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-07-18-5 Safari 9.1.2

Safari 9.1.2 is now available and addresses the following:

WebKit
Available for: OS X El Capitan v10.11.6
Impact: Visiting a malicious website may disclose image data from
another website
Description: A timing i

[ more ]  [ reply ]
APPLE-SA-2016-07-18-4 tvOS 9.2.2 2016-07-19
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-07-18-4 tvOS 9.2.2

tvOS 9.2.2 is now available and addresses the following:

CoreGraphics
Available for: Apple TV (4th generation)
Impact: A remote attacker may be able to execute arbitrary code
Description: A memory corruption issue

[ more ]  [ reply ]
APPLE-SA-2016-07-18-3 watchOS 2.2.2 2016-07-19
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-07-18-3 watchOS 2.2.2

watchOS 2.2.2 is now available and addresses the following:

CoreGraphics
Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition,
and Apple Watch Hermes
Impact: A remote attacker may be able to execut

[ more ]  [ reply ]
APPLE-SA-2016-07-18-2 iOS 9.3.3 2016-07-19
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-07-18-2 iOS 9.3.3

iOS 9.3.3 is now available and addresses the following:

Calendar
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A maliciously crafted calendar invite may cause a

[ more ]  [ reply ]
APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004 2016-07-19
Apple Product Security (product-security-noreply lists apple com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update
2016-004

OS X El Capitan v10.11.6 and Security Update 2016-004 is now
available and addresses the following:

apache_mod_php
Available for:
OS X Yosemite v10.10.5 and OS X El Capita

[ more ]  [ reply ]
[SECURITY] [DSA 3622-1] python-django security update 2016-07-18
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3622-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
July 18, 2016

[ more ]  [ reply ]
[CVE-2016-1281] NOT FIXED: VeraCrypt*Setup*.exe still vulnerable to DLL hijacking 2016-07-18
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

this is basically a followup to <http://seclists.org/oss-sec/2016/q1/58>

CVE-2016-1281 is NOT FIXED!

I've retested the current "VeraCrypt Setup 1.17.exe" on a fully
patched Windows 7, and it is STILL (or AGAIN) vulnerable there.

The following DLLs are loaded from the "application directo

[ more ]  [ reply ]
[SECURITY] [DSA 3621-1] mysql-connector-java security update 2016-07-18
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3621-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
July 18, 2016

[ more ]  [ reply ]
[Remote Format String Exploit] Axis Communications MPQT/PACS Server Side Include (SSI) Daemon 2016-07-18
bashis (mcw noemail eu)

#!/usr/bin/env python2.7
#
# [SOF]
#
# [Remote Format String Exploit] Axis Communications MPQT/PACS Server Side Include (SSI) Daemon
# Research and development by bashis <mcw noemail eu> 2016
#
# This format string vulnerability has following characteristic:
# - Heap Based (Exploiting string locat

[ more ]  [ reply ]
Multiple vulns in Vodafone EasyBox 804 2016-07-17
Tim Schughart (info prosec-networks com)
Hi@all

#### General Information
## Report history:
Since 01.05. we have contacted the support of Vodafone 3 times. There has been no response until today.
Toady we release the vulnerabilities in hope that Vodafone will react.

## Vendor Information:
Vodafone is worldwide operating ISP.
Quotation of

[ more ]  [ reply ]
[SECURITY] [DSA 3620-1] pidgin security update 2016-07-15
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3620-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
July 15, 2016

[ more ]  [ reply ]
[SECURITY] [DSA 3619-1] libgd2 security update 2016-07-15
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3619-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
July 15, 2016

[ more ]  [ reply ]
[security bulletin] HPSBMU03562 rev.3 - HPE Service Manager using Java Deserialization, Remote Arbitrary Code Execution 2016-07-14
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05054565

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05054565
Version: 3

HPSBMU03562 r

[ more ]  [ reply ]
[ERPSCAN-16-019] SAP NetWeaver Enqueue Server - DoS vulnerability 2016-07-14
ERPScan inc (erpscan online gmail com)
Application: SAP NetWeaver Enqueue Server

Versions Affected: SAP NetWeaver Enqueue Server 7.4

Vendor URL: http://SAP.com

Bug: denial of service

Sent: 04.12.2015

Reported: 05.12.2015

Vendor response: 05.12.2015

Date of Public Advisory: 12.04.2016

Reference: SAP Security Note 2258784

[ more ]  [ reply ]
[ERPSCAN-16-020] SAP NetWeaver AS JAVA UDDI component - XXE vulnerability 2016-07-14
ERPScan inc (erpscan online gmail com)
Application: SAP NetWeaver AS JAVA

Versions Affected: SAP NetWeaver AS JAVA 7.4

Vendor URL: http://SAP.com

Bug: XXE

Sent: 04.12.2015

Reported: 05.12.2015

Vendor response: 05.12.2015

Date of Public Advisory: 12.04.2016

Reference: SAP Security Note 2254389

Author: Vahagn Vardanyan (ER

[ more ]  [ reply ]
[ERPSCAN-16-021] SAP xMII - Reflected XSS vulnerability 2016-07-14
ERPScan inc (erpscan online gmail com)
Application: SAP xMII

Versions Affected: SAP xMII 15

Vendor URL: http://SAP.com

Bugs: XSS

Sent: 04.12.2015

Reported: 05.12.2015

Vendor response: 05.12.2015

Date of Public Advisory: 12.04.2016

Reference: SAP Security Note 2201295

Author: Nursultan Abubakirov (ERPScan) , Vahagn Vardanyan (

[ more ]  [ reply ]
Cross-Site Scripting vulnerability in Google Forms WordPress Plugin 2016-07-13
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting vulnerability in Google Forms WordPress Plugin
------------------------------------------------------------------------

Yorick Koster, July 2016

------------------------------------------------------------

[ more ]  [ reply ]
Cross-Site Scripting vulnerability in WP No External Links WordPress Plugin 2016-07-13
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting vulnerability in WP No External Links WordPress
Plugin
------------------------------------------------------------------------

Yorick Koster, July 2016

----------------------------------------------------

[ more ]  [ reply ]
Cross-Site Scripting vulnerability in Top 10 - Popular posts plugin for WordPress 2016-07-13
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting vulnerability in Top 10 - Popular posts plugin for
WordPress
------------------------------------------------------------------------

Yorick Koster, July 2016

----------------------------------------------

[ more ]  [ reply ]
Cross-Site Scripting vulnerability in Simple Membership WordPress Plugin 2016-07-13
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting vulnerability in Simple Membership WordPress Plugin
------------------------------------------------------------------------

Yorick Koster, July 2016

-------------------------------------------------------

[ more ]  [ reply ]
Cisco Security Advisory: Cisco IOS XR for NCS 6000 Packet Timer Leak Denial of Service Vulnerability 2016-07-13
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco IOS XR for NCS 6000 Packet Timer Leak Denial of Service Vulnerability

Advisory ID: cisco-sa-20160713-ncs6k

Revision 1.0

For Public Release 2016 July 13 16:00 UTC (GMT)

+-------------------------------------------------

[ more ]  [ reply ]
Open-Xchange Security Advisory 2016-07-13 2016-07-13
Martin Heiland (martin heiland lists open-xchange com)
Product: OX App Suite
Vendor: OX Software GmbH

Internal reference: 45796 / 45811 (Bug ID)
Vulnerability type: Cross Site Scripting (CWE-80)
Vulnerable version: 7.8.1 and earlier
Vulnerable component: frontend
Report confidence: Confirmed
Solution status: Fixed by Vendor
Fixed version: 7.6.2-rev44,

[ more ]  [ reply ]
missing input validation in pmount: arbitrary mount as non-root 2016-07-13
Imre RAD (imre rad search-lab hu)
Summary:
--------
pmount is a wrapper around the standard mount program which permits
normal users to mount removable devices without a matching /etc/fstab entry.
Due to a missing input validation check local users could mount devices
to arbitrary destinations and thus taking over the targeted syste

[ more ]  [ reply ]
[CVE-2016-1014, CVE-2016-4247] Executable installers are vulnerable^WEVIL (case 35): Adobe's Flash Player (un)installers 2016-07-12
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

the executable installers of Flash Player released 2016-06-15
fixed CVE-2016-1014 in the second attempt, but another vulnerability
remained: they create(d) and use(d) UNSAFE temporary subdirectories
into which they copy/ied themselves and extract(ed) a file "fpb.tmp"
which they load(ed) and

[ more ]  [ reply ]
Easy Forms for MailChimp Local File Inclusion vulnerability 2016-07-12
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Easy Forms for MailChimp Local File Inclusion vulnerability
------------------------------------------------------------------------

Yorick Koster, July 2016

--------------------------------------------------------------------

[ more ]  [ reply ]
WP Fastest Cache Member Local File Inclusion vulnerability 2016-07-12
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

WP Fastest Cache Member Local File Inclusion vulnerability
------------------------------------------------------------------------

Yorick Koster, July 2016

---------------------------------------------------------------------

[ more ]  [ reply ]
Cross-Site Scripting vulnerability in Profile Builder WordPress Plugin 2016-07-12
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting vulnerability in Profile Builder WordPress Plugin
------------------------------------------------------------------------

Yorick Koster, July 2016

---------------------------------------------------------

[ more ]  [ reply ]
Cross-Site Scripting vulnerability in Email Users WordPress Plugin 2016-07-12
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting vulnerability in Email Users WordPress Plugin
------------------------------------------------------------------------

Yorick Koster, July 2016

-------------------------------------------------------------

[ more ]  [ reply ]
Cross-Site Scripting vulnerability in Master Slider WordPress Plugin 2016-07-12
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting vulnerability in Master Slider WordPress Plugin
------------------------------------------------------------------------

Yorick Koster, July 2016

-----------------------------------------------------------

[ more ]  [ reply ]
[security bulletin] HPSBHF03608 rev.1 - HPE iMC PLAT and other Network Products using Apache Java Commons Collection (ACC), Remote Execution of Arbitrary Code 2016-07-11
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05200601

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05200601
Version: 1

HPSBHF03608 r

[ more ]  [ reply ]
Persistent Cross-Site Scripting in WordPress Activity Log plugin 2016-07-11
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Persistent Cross-Site Scripting in WordPress Activity Log plugin
------------------------------------------------------------------------

Han Sahin, July 2016

-------------------------------------------------------------------

[ more ]  [ reply ]
[RCESEC-2016-004][CVE-2016-5005] Apache Archiva 1.3.9 admin/addProxyConnector_commit.action connector.sourceRepoId Persistent Cross-Site Scripting 2016-07-11
Julien Ahrens (info rcesecurity com)
RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: Apache Archiva
Vendor URL: https://archiva.apache.org
Type: Cross-Site Scripting [CWE-79]
Date found: 2016-05-31
Date published: 2016-07-11
CVSSv3 Score: 5.5 (CVSS:

[ more ]  [ reply ]
[RCESEC-2016-003][CVE-2016-4469] Apache Archiva 1.3.9 Multiple Cross-Site Request Forgeries 2016-07-11
Julien Ahrens (info rcesecurity com)
RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: Apache Archiva
Vendor URL: https://archiva.apache.org
Type: Cross-Site Request Forgery [CWE-253]
Date found: 2016-05-31
Date published: 2016-07-11
CVSSv3 Score: 5.4

[ more ]  [ reply ]
Persistent Cross-Site Scripting in WP Live Chat Support plugin 2016-07-11
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Persistent Cross-Site Scripting in WP Live Chat Support plugin
------------------------------------------------------------------------

Han Sahin, July 2016

---------------------------------------------------------------------

[ more ]  [ reply ]
Persistent Cross-Site Scripting in All in One SEO Pack WordPress Plugin 2016-07-10
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Persistent Cross-Site Scripting in All in One SEO Pack WordPress Plugin
------------------------------------------------------------------------

David Vaartjes, July 2016

-------------------------------------------------------

[ more ]  [ reply ]
BMW - (Token) Client Side Cross Site Scripting Vulnerability 2016-07-08
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
BMW - (Token) Client Side Cross Site Scripting Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1737

Release Date:
=============
2016-07-06

Vulnerability Laboratory ID (VL-ID):
==========================

[ more ]  [ reply ]
BMW ConnectedDrive - (Update) VIN Session Vulnerability 2016-07-08
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
BMW ConnectedDrive - (Update) VIN Session Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1736

Release Date:
=============
2016-07-07

Vulnerability Laboratory ID (VL-ID):
===============================

[ more ]  [ reply ]
Microsoft Process Kill Utility "kill.exe" Buffer Overflow 2016-07-08
hyp3rlinx lycos com
[+] Credits: HYP3RLINX

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/MS-KILL-UTILITY-BUFFER-OVERFL
OW.txt

[+] ISR: ApparitionSec

Vendor:
=================
www.microsoft.com

Product:
=========================================
Microsoft Process K

[ more ]  [ reply ]
Microsoft WinDbg logviewer.exe Buffer Overflow DOS 2016-07-08
hyp3rlinx lycos com
[+] Credits: HYP3RLINX

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/MS-WINDBG-LOGVIEWER-BUFFER-OV
ERFLOW.txt

[+] ISR: ApparitionSec

Vendor:
=================
www.microsoft.com

Product:
====================
WinDbg logviewer.exe

LogViewer (log

[ more ]  [ reply ]
[slackware-security] samba (SSA:2016-189-01) 2016-07-07
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] samba (SSA:2016-189-01)

New samba packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages

[ more ]  [ reply ]
[security bulletin] HPSBGN03628 rev.1 - HPE IceWall Federation Agent using libXML2 library, Remote Denial of Service (DoS), Unauthorized Modification, Unauthorized Disclosure of Information 2016-07-07
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05194709

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05194709
Version: 1

HPSBGN03628 r

[ more ]  [ reply ]
[KIS-2016-11] IPS Community Suite <= 4.1.12.3 Autoloaded PHP Code Injection Vulnerability 2016-07-07
Egidio Romano (research karmainsecurity com)
------------------------------------------------------------------------
---
IPS Community Suite <= 4.1.12.3 Autoloaded PHP Code Injection Vulnerability
------------------------------------------------------------------------
---

[-] Software Link:

https://invisionpower.com/

[-] Affected Versions

[ more ]  [ reply ]
Acer Portal Android Application - MITM SSL Certificate Vulnerability (CVE-2016-5648) 2016-07-06
David Coomber (davidcoomber infosec gmail com)
Acer Portal Android Application - MITM SSL Certificate Vulnerability
(CVE-2016-5648)
--
http://www.info-sec.ca/advisories/Acer-Portal.html

Overview

"Acer BYOCâ??s suite of Apps allows you to start building your own cloud
to connect and share everything in your life between your smart
devices and y

[ more ]  [ reply ]
[SECURITY] [DSA 3617-1] horizon security update 2016-07-06
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3617-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
July 06, 2016

[ more ]  [ reply ]
Re: Putty (beta 0.67) DLL Hijacking Vulnerability 2016-07-06
wsachin092 gmail com
Can you please assign the CVE for http://seclists.org/bugtraq/2016/Jul/26

1. Create malicious dll file and save it as UxTheme.dll or ntmarta.dll in your "Downloads" directory.

2. Download https://the.earth.li/~sgtatham/putty/latest/x86/putty.exe and save it in your "Downloads"
directory.

3. Ex

[ more ]  [ reply ]
ESA-2016-054: EMC Avamar Data Store and Avamar Virtual Edition Unauthorized Data Access Vulnerability 2016-07-06
Security Alert (Security_Alert emc com)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2016-054: EMC Avamar Data Store and Avamar Virtual Edition Unauthorized Data Access Vulnerability

EMC Identifier: ESA-2016-054

CVE Identifier: CVE-2016-0906

Severity Rating: 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Affected products:

[ more ]  [ reply ]
Micron CMS v5.3 - (cat_id) SQL Injection Vulnerability 2016-07-06
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Micron CMS v5.3 - (cat_id) SQL Injection Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1872

Release Date:
=============
2016-07-06

Vulnerability Laboratory ID (VL-ID):
================================

[ more ]  [ reply ]
Teampass 2.1.26 - Authenticated File Upload Vulnerability 2016-07-06
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
Teampass 2.1.26 - Authenticated File Upload Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1866

Release Date:
=============
2016-07-06

Vulnerability Laboratory ID (VL-ID):
=============================

[ more ]  [ reply ]
IBM BlueMix Cloud - (API) Persistent Web Vulnerability 2016-07-06
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
IBM BlueMix Cloud - (API) Persistent Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1846

IBM Security Tracking ID: 5377-12593283

Release Date:
=============
2016-07-04

Vulnerability Laboratory ID

[ more ]  [ reply ]
[security bulletin] HPSBHF03613 rev.1 - HPE Network Products including iMC, VCX, and Comware using OpenSSL, Remote Denial of Service (DoS), Unauthorized Access 2016-07-05
security-alert hpe com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=
emr_n
a-c05184351

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05184351
Version: 1

HPSBHF03613 r

[ more ]  [ reply ]
[slackware-security] mozilla-thunderbird (SSA:2016-187-01) 2016-07-05
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2016-187-01)

New mozilla-thunderbird packages are available for Slackware 14.1, 14.2, and
- -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------

[ more ]  [ reply ]
Putty (beta 0.67) DLL Hijacking Vulnerability 2016-07-05
wsachin092 gmail com
/*
Exploit Title: Putty DLL Hijacking Exploit ( UxTheme.dll or ntmarta.dll )
Vendor Homepage:https://the.earth.li/~sgtatham/putty/latest/x86/putty.exe
Author: Sachin Wagh (@tiger_tigerboy)
Linkedin: https://in.linkedin.com/in/sachin-wagh-95b17555
Affected Version: beta 0.67
Tested on: Windows 7 Ulti

[ more ]  [ reply ]
Apple Safari for Mac OS X SVG local XXE 2016-07-05
Filippo Cavallarin (filippo cavallarin wearesegment com)
Advisory ID: SGMA16-003
Title: Apple Safari for Mac OS X SVG local XXE
Product: Apple Safari for Mac OS X
Version: 9.1.1 and probably prior
Vendor: apple.com
Vulnerability type: XXE
Risk level: Medium
Credit: Filippo Cavallarin - wearesegment.com
CVE: N/A
Vendor notification: 2015-04-08
Vendor fix:

[ more ]  [ reply ]
Syslog Server "npriority" field remote Denial of Service vulnerability 2016-07-04
chaoyi huang connect polyu hk
Title: Syslog Server "npriority" field remote Denial of Service vulnerability
Software : Syslog Server

Software Version : Syslog Server 1.2.3

Vendor: https://sourceforge.net/p/syslog-server/

Vulnerability Published : 2016-07-02

Vulnerability Update Time :

Status :

Impact : Medium(CVSS2 Base :

[ more ]  [ reply ]
[CVE-2016-6136] Double-Fetch Vulnerability in Linux-4.6/kernel/auditsc.c 2016-07-04
wpengfeinudt gmail com
I found this double-fetch vulnerability when I was doing my research on double-fetch issue analysis, and I?d like to make an announcement here.

This was found in Linux kernel file Linux-4.6/kernel/auditsc.c, and crafted user space data change under race condition will make control strings processe

[ more ]  [ reply ]
OpenDocMan v1.3.5 - Full Path Disclosure Vulnerability 2016-07-04
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
OpenDocMan v1.3.5 - Full Path Disclosure Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1868

Release Date:
=============
2016-07-04

Vulnerability Laboratory ID (VL-ID):
================================

[ more ]  [ reply ]
KWSPHP CMS v1.6.995 - Persistent Cross Site Scripting Web Vulnerability 2016-07-04
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
KWSPHP CMS v1.6.995 - Persistent Cross Site Scripting Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1867

Release Date:
=============
2016-07-01

Vulnerability Laboratory ID (VL-ID):
===============

[ more ]  [ reply ]
[CVE-2016-6156] Double-Fetch Vulnerability in Linux-4.6/drivers/platform/chrome/cros_ec_dev.c 2016-07-04
wpengfeinudt gmail com
I found this double-fetch vulnerability when I was doing my research on double-fetch issue analysis, and I?d like to make an announcement here.

This was found in Linux kernel file Linux-4.6/drivers/platform/chrome/cros_ec_dev.c, and crafted user space data change under race condition will lead to

[ more ]  [ reply ]
[SECURITY] [DSA 3616-1] linux security update 2016-07-04
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3616-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
July 04, 2016

[ more ]  [ reply ]
WebCalendar v1.2.7 CSRF Protection Bypass 2016-07-04
hyp3rlinx lycos com
[+] Credits: John Page aka HYP3RLINX

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/WEBCALENDAR-V1.2.7-CSRF-PROTE
CTION-BYPASS.txt

[+] ISR: ApparitionSec

Vendor:
==========================
www.k5n.us/webcalendar.php

Product:
==================

[ more ]  [ reply ]
WebCalendar v1.2.7 CSRF Protection Bypass 2016-07-04
hyp3rlinx lycos com
[+] Credits: John Page aka HYP3RLINX

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/WEBCALENDAR-V1.2.7-CSRF-PROTE
CTION-BYPASS.txt

[+] ISR: ApparitionSec

Vendor:
==========================
www.k5n.us/webcalendar.php

Product:
==================

[ more ]  [ reply ]
WebCalendar v1.2.7 CSRF Protection Bypass 2016-07-04
hyp3rlinx lycos com
[+] Credits: John Page aka HYP3RLINX

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/WEBCALENDAR-V1.2.7-CSRF-PROTE
CTION-BYPASS.txt

[+] ISR: ApparitionSec

Vendor:
==========================
www.k5n.us/webcalendar.php

Product:
==================

[ more ]  [ reply ]
HTTP session poisoning in EMC Documentum WDK-based applications causes arbitrary code execution and privilege elevation 2016-07-04
Andrey B. Panfilov (andrew panfilov tel)
Vendor: EMC
Product: Documentum WDK-based applications, all versions
Security impact: high

All EMC Documentum WDK-based applications (Taskspace, Webtop, Documentum Administrator,
EPFM) contain extremely dangerous web component â?? API Tester. The â??API Testerâ? component
wanâ??t designed with

[ more ]  [ reply ]
(Page 20 of 525)  < Prev  15 16 17 18 19 20 21 22 23 24 25  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus