Event Viewer Snapin multiple DLL side loading vulnerabilities
Yorick Koster, August 2015
Shutdown UX DLL side loading vulnerability
Yorick Koster, November 2015
Shockwave Flash Object DLL side loading vulnerability
Yorick Koster, August 2015
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n
a-c04923105
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04923105
Version: 1
HPSBUX03529
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-3422-1 secur...@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
December 16, 2015
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
- -
Debian Security Advisory DSA-3421-1 secur...@debian.org
https://www.debian.org/security/Luciano Bello
December 16, 2015
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
- -
Debian Security Advisory DSA-3424-1 secur...@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
December 16, 2015
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] mozilla-firefox (SSA:2015-349-03)
New mozilla-firefox packages are available for Slackware 14.1 and -current to
fix security issues.
Here are the details from the Slackware 14.1 ChangeLog:
+--+
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n
a-c04923929
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04923929
Version: 1
HPSBHF03528
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3337-2 secur...@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
December 17, 2015
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
- -
Debian Security Advisory DSA-3423-1 secur...@debian.org
https://www.debian.org/security/Luciano Bello
December 16, 2015
Advisory ID: HTB23282
Product: Zen Cart
Vendor: Zen Ventures, LLC
Vulnerable Version(s): 1.5.4
Tested Version: 1.5.4
Advisory Publication: November 25, 2015 [without technical details]
Vendor Notification: November 25, 2015
Vendor Patch: November 26, 2015
Public Disclosure: December 16, 2015
Overview
Libnsgif[1] is a decoding library for GIF images. It is primarily
developed and used as part of the NetSurf project.
As of version 0.1.2, libnsgif is vulnerable to a stack overflow
(CVE-2015-7505) and an out-of-bounds read (CVE-2015-7506) due to the way
LZW-compressed GIF
Advisory ID: HTB23280
Product: orion.extfeedbackform Bitrix module
Vendor: www.orion-soft.ru
Vulnerable Version(s): 2.1.2 and probably prior
Tested Version: 2.1.2
Advisory Publication: November 18, 2015 [without technical details]
Vendor Notification: November 18, 2015
Vendor Patch: December
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
=
FreeBSD-SA-15:27.bind Security Advisory
The FreeBSD Project
Topic:
Overview
Libnsbmp[1] is a decoding library for BMP and ICO files. It is
primarily developed and used as part of the NetSurf project.
As of version 0.1.2, libnsbmp is vulnerable to a heap overflow
(CVE-2015-7508) and an out-of-bounds read (CVE-2015-7507).
CVE-2015-7508
=
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] bind (SSA:2015-349-01)
New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.
Here are the details from the Slackware 14.1 ChangeLog:
+--+
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] openssl (SSA:2015-349-04)
New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.
Here are the details from the Slackware 14.1 ChangeLog:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] libpng (SSA:2015-349-02)
New libpng packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.
Here are the details from the Slackware 14.1 ChangeLog:
+--+
19 matches
Mail list logo