|
|
Colapse all |
Post message
Event Viewer Snapin multiple DLL side loading vulnerabilities 2015-12-16 Securify B.V. (lists securify nl) libnsbmp: heap overflow (CVE-2015-7508) and out-of-bounds read (CVE-2015-7507) 2015-12-16 Hans Jerry Illikainen (hji dyntopia com) Overview ======== Libnsbmp[1] is a decoding library for BMP and ICO files. It is primarily developed and used as part of the NetSurf project. As of version 0.1.2, libnsbmp is vulnerable to a heap overflow (CVE-2015-7508) and an out-of-bounds read (CVE-2015-7507). CVE-2015-7508 ============= l [ more ] [ reply ] FreeBSD Security Advisory FreeBSD-SA-15:27.bind 2015-12-16 FreeBSD Security Advisories (security-advisories freebsd org) SQL Injection in orion.extfeedbackform Bitrix Module 2015-12-16 High-Tech Bridge Security Research (advisory htbridge ch) Advisory ID: HTB23280 Product: orion.extfeedbackform Bitrix module Vendor: www.orion-soft.ru Vulnerable Version(s): 2.1.2 and probably prior Tested Version: 2.1.2 Advisory Publication: November 18, 2015 [without technical details] Vendor Notification: November 18, 2015 Vendor Patch: December 11, [ more ] [ reply ] RCE in Zen Cart via Arbitrary File Inclusion 2015-12-16 High-Tech Bridge Security Research (advisory htbridge ch) Advisory ID: HTB23282 Product: Zen Cart Vendor: Zen Ventures, LLC Vulnerable Version(s): 1.5.4 Tested Version: 1.5.4 Advisory Publication: November 25, 2015 [without technical details] Vendor Notification: November 25, 2015 Vendor Patch: November 26, 2015 Public Disclosure: December 16, 2015 Vu [ more ] [ reply ] libnsgif: stack overflow (CVE-2015-7505) and out-of-bounds read (CVE-2015-7506) 2015-12-16 Hans Jerry Illikainen (hji dyntopia com) Overview ======== Libnsgif[1] is a decoding library for GIF images. It is primarily developed and used as part of the NetSurf project. As of version 0.1.2, libnsgif is vulnerable to a stack overflow (CVE-2015-7505) and an out-of-bounds read (CVE-2015-7506) due to the way LZW-compressed GIF data [ more ] [ reply ] [slackware-security] openssl (SSA:2015-349-04) 2015-12-16 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] openssl (SSA:2015-349-04) New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ [ more ] [ reply ] [slackware-security] bind (SSA:2015-349-01) 2015-12-16 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] bind (SSA:2015-349-01) New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patch [ more ] [ reply ] [slackware-security] libpng (SSA:2015-349-02) 2015-12-16 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] libpng (SSA:2015-349-02) New libpng packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ p [ more ] [ reply ] [SECURITY] [DSA 3419-1] cups-filters security update 2015-12-15 Salvatore Bonaccorso (carnil debian org) Executable installers are vulnerable^WEVIL (case 10): McAfee Security Scan Plus, WebAdvisor and CloudAV (Beta) 2015-12-14 Stefan Kanthak (stefan kanthak nexgo de) Hi @ll, several McAfee "security" products, most notably their Security Scan Plus (see <http://seclists.org/fulldisclosure/2014/Apr/226> for a previous advisory) which Adobe pushes to unsuspecting users of Adobe Reader and Flash Player, are offered as executable installers built with the vulnerable [ more ] [ reply ] [SECURITY] [DSA 3418-1] chromium-browser security update 2015-12-15 Michael Gilbert (mgilbert debian org) [security bulletin] HPSBST03517 rev.1 - HP StoreOnce Backup systems, Remote Execution of Arbitrary Code with Privilege Elevation, Cross-Site Request Forgery (CSRF), Cross-Site Scripting (XSS) 2015-12-14 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId= emr_n a-c04858589 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04858589 Version: 1 HPSBST03517 r [ more ] [ reply ] Back to 28: Grub2 Authentication Bypass 0-Day [CVE-2015-8370] 2015-12-15 Hector Marco-Gisbert (hecmargi upv es) Hi everyone, A vulnerability in Grub2 (Back to 28) has been found. Versions from 1.98 (December, 2009) to 2.02 (December, 2015) are affected. The vulnerability can be exploited under certain circumstances, allowing local attackers to bypass any kind of authentication (plain or hashed passwords). [ more ] [ reply ] phpback v1.1 XSS vulnerability 2015-12-15 apparitionsec gmail com [+] Credits: hyp3rlinx [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/PHPBACK-XSS.txt Vendor: ==================== www.phpback.org Product: =============== phpback v1.1 The open source feedback system, PHPBack is feedback a web application that [ more ] [ reply ] ERPSCAN Research Advisory [ERPSCAN-15-022] SAP NetWeaver 7.4 - XSS 2015-12-14 ERPScan inc (erpscan online gmail com) [ERPSCAN-15-021] SAP NetWeaver 7.4 - SQL Injection vulnerability 2015-12-14 ERPScan inc (erpscan online gmail com) ECommerceMajor SQL Injection Vulnerability 2015-12-13 Rahul Pratap Singh (techno rps gmail com) #Exploit Title : ECommerceMajor SQL Injection Vulnerability #Exploit Author : Rahul Pratap Singh #Date : 13/Dec/2015 #Home page Link : https://github.com/xlinkerz/ecommerceMajor #Website : 0x62626262.wordpress.com #Linkedin : https://in.linkedin.com/in/rahulpratapsingh94 1. Descrip [ more ] [ reply ] [SECURITY] [DSA 3416-1] libphp-phpmailer security update 2015-12-13 Luciano Bello (luciano debian org) COM+ Services DLL side loading vulnerability 2015-12-12 Securify B.V. (lists securify nl) ------------------------------------------------------------------------ COM+ Services DLL side loading vulnerability ------------------------------------------------------------------------ Yorick Koster, August 2015 ------------------------------------------------------------------------ Abstract [ more ] [ reply ] Windows Authentication UI DLL side loading vulnerability 2015-12-12 Securify B.V. (lists securify nl) ------------------------------------------------------------------------ Windows Authentication UI DLL side loading vulnerability ------------------------------------------------------------------------ Yorick Koster, August 2015 --------------------------------------------------------------------- [ more ] [ reply ] XSS Vulnerability in Synnefo Client for Synnefo IMS 2015 - CVE-2015-8247 2015-12-12 Aravind (altoarun gmail com) Information ================================= #Vulnerability type: Cross Site Scripting (XSS) #Vendor: http://www.synnefoims.com/ #Product: Synnefo Client for Synnefo Internet Management Software (IMS) 2015 (http://www.synnefoims.com/products.html) CVE Reference: ========================= [ more ] [ reply ] [security bulletin] HPSBHF03431 rev.1 - HPE Network Switches, local Bypass of Security Restrictions, Indirect Vulnerabilities 2015-12-12 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId= emr_n a-c04920918 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04920918 Version: 1 HPSBHF03431 r [ more ] [ reply ] APPLE-SA-2015-12-11-1 iTunes 12.3.2 2015-12-11 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2015-12-11-1 iTunes 12.3.2 iTunes 12.3.2 is now available and addresses the following: WebKit Available for: Windows 7 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: Multiple me [ more ] [ reply ] Executable installers are vulnerable^WEVIL (case 7): 7z*.exe allows remote code execution with escalation of privilege 2015-12-08 Stefan Kanthak (stefan kanthak nexgo de) Hi @ll, the executable installers [°] of 7-Zip (see <http://www.7-zip.org/>) and ALL self-extracting archives created with 7-Zip are vulnerable: 1. They load and execute a rogue/bogus/malicious UXTheme.dll ['] eventually found in the directory they are started from (the "application director [ more ] [ reply ] WordPress <=v4.4 Username Exists Information Disclosure 2015-12-10 John SECURELI.com (john secureli com) Information security research credited to John Martinelli @ SECURELI.com. (john (at) secureli (dot) com [email concealed]) ----- Affects: WordPress <=v4.4 Vulnerability: Information Disclosure CVE-ID: Pending Impact: Username exists disclosure on /wp-login.php ----- By default, WordPress <=4.4 discloses whether a username [ more ] [ reply ] BFS-SA-2015-003: Internet Explorer CObjectElement Use-After-Free Vulnerability 2015-12-10 Blue Frost Security Research Lab (research bluefrostsecurity de) |
|
Privacy Statement |
Event Viewer Snapin multiple DLL side loading vulnerabilities
------------------------------------------------------------------------
Yorick Koster, August 2015
----------------------------------------------------------------
[ more ] [ reply ]