1. ADVISORY INFORMATION
Title: Oracle E-Business Suite XXE injection
Advisory ID: [ERPSCAN-15-028]
Advisory URL:
http://erpscan.com/advisories/erpscan-15-028-oracle-e-business-suite-xxe-injection-vulnerability/
Date published: 20.10.2015
Vendors contacted: Oracle
2. VULNERABILITY INFORMATION
1. ADVISORY INFORMATION
Title: Oracle E-Business Suite - XXE injection
Advisory ID: [ERPSCAN-15-029]
Advisory URL:
http://erpscan.com/advisories/erpscan-15-029-oracle-e-business-suite-xxe-injection-vulnerability/
Date published: 21.10.2015
Vendors contacted: Oracle
2. VULNERABILITY INFORMATION
Vulnerability title: Privilege Escalation Via Symlink Attacks On POSIX Shared
Memory With Insecure Permissions In AMD fglrx-driver
CVE: CVE-2015-7723
Vendor: AMD
Product: fglrx-driver
Affected version: 14.4.2
Fixed version: 15.7
Reported by: Tim Brown
Details:
It has been identified that the
Vulnerability title: Privilege Escalation Via Symlink Attacks On POSIX Shared
Memory With Insecure Permissions In AMD fglrx-driver
CVE: CVE-2015-7724
Vendor: AMD
Product: fglrx-driver
Affected version: 15.7
Fixed version: 15.9
Reported by: Tim Brown
Details:
In the process of validating the fix
Advisory ID: HTB23266
Product: Oxwall
Vendor: http://www.oxwall.org
Vulnerable Version(s): 1.7.4 and probably prior
Tested Version: 1.7.4
Advisory Publication: July 1, 2015 [without technical details]
Vendor Notification: July 1, 2015
Vendor Patch: September 8, 2015
Public Disclosure: October
1. ADVISORY INFORMATION
Title: Oracle E-Business Suite XXE injection
Advisory ID: [ERPSCAN-15-030]
Advisory URL:
http://erpscan.com/advisories/erpscan-15-030-oracle-e-business-suite-xxe-injection-vulnerability/
Date published: 20.10.2015
Vendors contacted: Oracle
2. VULNERABILITY INFORMATION
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
- -
Debian Security Advisory DSA-3382-1 secur...@debian.org
https://www.debian.org/security/ Thijs Kinkhorst
October 28, 2015
[+] Credits: hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/AS-PHPSRVMONITOR-PRIV-ESCALATE.txt
Vendor:
www.phpservermonitor.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3383-1 secur...@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
October 29, 2015
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] curl (SSA:2015-302-01)
New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.
Here are the details from the Slackware 14.1 ChangeLog:
+--+
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-3384-1 secur...@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
October 29, 2015
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3332-2 secur...@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
October 29, 2015
[+] Credits: hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/AS-PHPSRVMONITOR-CSRF.txt
Vendor:
www.phpservermonitor.org
13 matches
Mail list logo