|
|
Colapse all |
Post message
iOS: List of available trusted root certificates 2013-09-30 Jeffrey Walton (noloader gmail com) (1 replies) Re: iOS: List of available trusted root certificates 2013-10-01 Jason Hellenthal (jhellenthal dataix net) CFP: WorldCIST'14 - World Conference on IST, at Madeira Island 2013-09-30 Maria Lemos (marialemos72 gmail com) CVE-2130-5680, HylaFAX+ heap overflow, unchecked network traffic. 2013-09-30 Dennis Jenkins (dennis jenkins 75 gmail com) Details =========================================================== Application: "HylaFAX+" Version: 5.2.4 (April, 2008) through 5.5.3 (August 6, 2013) Type: Daemon that manages a fax server via an FTP-like protocol. Vendor / Maintainer: Lee Howard (faxguy _at_ howardsilvan.com) Project Homepage: ht [ more ] [ reply ] Open-Xchange Security Advisory 2013-09-30 2013-09-30 Martin Braun (martin braun open-xchange com) Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 28642 (Bug ID) Vulnerability type: CWE-80 (Improper Neutralization of Script-Related HTML Tags in a Web Page) Vulnerable version: prior to 7.2.2 Vulnerable component: backend Fixed version: 7.0.2-rev16, 7.2.2-rev20 Report [ more ] [ reply ] Firefox for Android - Same-origin bypass through symbolic links 2013-09-30 Takeshi Terada (mbsdtest01 gmail com) [CVE-2013-5725] - Byword for iOS Data Destruction Vulnerability 2013-09-29 guillaume binaryfactory ca - Affected Vendor: http://metaclassy.com/ - Affected Software: Byword for iOS - Affected Version: 2.x prior to 2.1 - Issue Type: Lack of validation/user confirmation leading to destruction of data - Release Date: 29 Sept 2013 - Discovered by: Guillaume Ross - CVE Identifier: CVE-2013-5725 - Issue S [ more ] [ reply ] [slackware-security] seamonkey (SSA:2013-271-01) 2013-09-29 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] seamonkey (SSA:2013-271-01) New seamonkey packages are available for Slackware 14.0 and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+ patches/packages/seam [ more ] [ reply ] [IBliss Security Advisory] Cross-site scripting ( XSS ) in PHP IDNA Convert 2013-09-28 Alexandro Silva (alexos ibliss com br) [ PHP IDNA Convert Cross-site scripting ( XSS ) ] [ Vendor product description] PHP Net_IDNA is a class to convert between the Punycode and Unicode formats. Punycode is a standard described in RFC 3492 and part of IDNA (Internationalizing Domain Names in Applications [RFC3490]) . This class allows [ more ] [ reply ] Re:joomla com_zimbcomment Components Local File Include vulnerability 2013-09-26 Sergio Tam (tam sergio gmail com) 2013/9/25 <iedb.team (at) gmail (dot) com [email concealed]>: > The joomla com_zimbcomment Components suffers from a Local File Include Vulnerability. > > ################################# > > # Iranian Exploit DataBase Forum > > # http://iedb.ir/acc > > # http://iedb.ir > > ################################# > > # Exploit Title [ more ] [ reply ] APPLE-SA-2013-09-26-1 iOS 7.0.2 2013-09-26 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-09-26-1 iOS 7.0.2 iOS 7.0.2 is now available and addresses the following: Passcode Lock Available for: iPhone 4 and later Impact: A person with physical access to the device may be able to make calls to any number Description: A NULL [ more ] [ reply ] ESA-2013-060: EMC VPLEX Information Disclosure Vulnerability 2013-09-26 Security Alert (Security_Alert emc com) [ISecAuditors Security Advisories] Multiple Reflected Cross-Site Scripting vulnerabilities 2013-09-26 ISecAuditors Security Advisories (advisories isecauditors com) ============================================= INTERNET SECURITY AUDITORS ALERT 2012-003 - Original release date: 16th December 2012 - Last revised: 26th September 2013 - Discovered by: Eduardo Garcia Melia - Severity: 6.8/10 (CVSS Base Scored) ============================================= I. VULN [ more ] [ reply ] XAMPP 1.8.1 Local Write Access Vulnerability 2013-09-26 ISecAuditors Security Advisories (advisories isecauditors com) ============================================= INTERNET SECURITY AUDITORS ALERT 2013-007 - Original release date: March 14th, 2013 - Last revised: March 19th, 2013 - Discovered by: Manuel García Cárdenas - Severity: 6,8/10 (CVSS Base Score) - CVE-ID: CVE-2013-2586 =================================== [ more ] [ reply ] Cisco Security Advisory: Cisco IOS Software Resource Reservation Protocol Interface Queue Wedge Vulnerability 2013-09-25 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco IOS Software Resource Reservation Protocol Interface Queue Wedge Vulnerability Advisory ID: cisco-sa-20130925-rsvp Revision 1.0 For Public Release 2013 September 25 16:00 UTC (GMT) - ---------------------------------------------------------- [ more ] [ reply ] Cisco Security Advisory: Cisco IOS Software Internet Key Exchange Memory Leak Vulnerability 2013-09-25 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco IOS Software Internet Key Exchange Memory Leak Vulnerability Advisory ID: cisco-sa-20130925-ike Revision 1.0 For Public Release 2013 September 25 16:00 UTC (GMT) - ---------------------------------------------------------------------- Summa [ more ] [ reply ] Cisco Security Advisory: Cisco IOS Software DHCP Denial of Service Vulnerability 2013-09-25 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco IOS Software DHCP Denial of Service Vulnerability Advisory ID: cisco-sa-20130925-dhcp Revision 1.0 For Public Release 2013 September 25 16:00 UTC (GMT) - ---------------------------------------------------------------------- Summary ======= [ more ] [ reply ] Cisco Security Advisory: Cisco IOS Software Multicast Network Time Protocol Denial of Service Vulnerability 2013-09-25 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco IOS Software Multicast Network Time Protocol Denial of Service Vulnerability Advisory ID: cisco-sa-20130925-ntp Revision 1.0 For Public Release 2013 September 25 16:00 UTC (GMT) - ------------------------------------------------------------- [ more ] [ reply ] Cisco Security Advisory: Cisco IOS Software Zone-Based Firewall and Content Filtering Vulnerability 2013-09-25 Cisco Systems Product Security Incident Response Team (psirt cisco com) (1 replies) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco IOS Software Zone-Based Firewall and Content Filtering Vulnerability Advisory ID: cisco-sa-20130925-cce Revision 1.0 For Public Release 2013 September 25 16:00 UTC (GMT) - --------------------------------------------------------------------- [ more ] [ reply ] AW: Cisco Security Advisory: Cisco IOS Software Zone-Based Firewall and Content Filtering Vulnerability 2013-09-26 Aichhorn, Herbert (Herbert Aichhorn fabasoft com) Cisco Security Advisory: Cisco IOS Software IPv6 Virtual Fragmentation Reassembly Denial of Service Vulnerability 2013-09-25 Cisco Systems Product Security Incident Response Team (psirt cisco com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco IOS Software IPv6 Virtual Fragmentation Reassembly Denial of Service Vulnerability Advisory ID: cisco-sa-20130925-ipv6vfr Revision 1.0 For Public Release 2013 September 25 16:00 UTC (GMT) - --------------------------------------------------- [ more ] [ reply ] |
|
Privacy Statement |
http://support.apple.com/kb/HT5012.
There's no reason to allow some of this to occur in 2013. As a
proxy-relying-party, Apple is responsible for this stuff because users
are not allowed to make the decisions or modify the Trust Store.
For re
[ more ] [ reply ]