-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2012:135
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Note: the current version of the following document is available here:
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03457976
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03457976
Version: 1
HPSBUX02806
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2012:137
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2012:138
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2012:136
http://www.mandriva.com/security/
High Risk Vulnerability in Microsoft Windows Remote Desktop
17 August 2012
Edward Torkington of NCC Group has discovered a High risk vulnerability in
Microsoft Windows Remote Desktop
Impact: Remote Code Execution
Versions affected: Windows XP SP3
An updated version of the software has been
Summary
===
There is an arbitrary command execution vulnerability in the scriptfu
network server
console in the GIMP 2.6 branch. It is possible to use a python scriptfu
command to run
arbitrary operating-system commands and potentially take full control of the
host.
The advisory is posted
Title:
==
Social Engine v4.2.5 - Multiple Web Vulnerabilities
Date:
=
2012-07-31
References:
===
http://www.vulnerability-lab.com/get_content.php?id=672
VL-ID:
=
672
Common Vulnerability Scoring System:
3
Abstract:
=
A
Title:
==
ShopperPress v2.7 Wordpress - SQL Injection Vulnerability
Date:
=
2012-08-01
References:
===
http://www.vulnerability-lab.com/get_content.php?id=669
VL-ID:
=
669
Common Vulnerability Scoring System:
6.1
Introduction:
Title:
==
ShopperPress v2.7 Wordpress - Cross Site Vulnerabilities
Date:
=
2012-08-02
References:
===
http://www.vulnerability-lab.com/get_content.php?id=670
VL-ID:
=
670
Common Vulnerability Scoring System:
2.4
Introduction:
Title:
==
Nike+ Panel Mobile App - Multiple Web Vulnerabilities
Date:
=
2012-08-01
References:
===
http://www.vulnerability-lab.com/get_content.php?id=663
VL-ID:
=
663
Common Vulnerability Scoring System:
3.5
Introduction:
Title:
==
ManageEngine OpStor v7.4 - Multiple Web Vulnerabilities
Date:
=
2012-08-17
References:
===
http://www.vulnerability-lab.com/get_content.php?id=667
http://www.vulnerability-lab.com/news/get_news.php?id=95
Manage Engine Ticket ID: 46119
VL-ID:
=
667
Common
FOREGROUND SECURITY, SECURITY ADVISORY 2012-001
- Original release date: August 16, 2012
- Discovered by: Jose Carlos de Arriba (Penetration Testing Team Lead at
Foreground Security)
- Contact: (jcarriba (at) foregroundsecurity (dot)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2012:134
http://www.mandriva.com/security/
Internet Explorer Script Interjection Code Execution
Derek Soeder
ds.adv@gmail.com
Reported: January 26, 2012, to SecuriTeam Secure Disclosure
http://www.beyondsecurity.com/ssd.html
Published: August 16, 2012
AFFECTED VENDOR
---
Microsoft Corporation
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] emacs (SSA:2012-228-02)
New emacs packages are available for Slackware 13.1, 13.37, and -current to
fix a security issue.
Here are the details from the Slackware 13.37 ChangeLog:
+--+
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ZDI-12-136 : Apple QuickTime Invalid Public Movie Atom Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-12-136
August 17, 2012
- -- CVE ID:
CVE-2011-3220
- -- CVSS:
7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
- -- Affected
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ZDI-12-137 : Apple Mac OS X libsecurity_cdsa_plugin Malloc Integer
Truncation Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-12-137
August 17, 2012
- -- CVE ID:
CVE-2012-0651
- -- CVSS:
10,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ZDI-12-138 : SAP Business Objects Financial Consolidation CtAppReg.dll
username Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-12-138
August 17, 2012
- -- CVE ID:
- -- CVSS:
7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
- --
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ZDI-12-139 : SAP Crystal Reports crystalras.exe OBUnmarshal Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-12-139
August 17, 2012
- -- CVE ID:
- -- CVSS:
10, AV:N/AC:L/Au:N/C:C/I:C/A:C
- -- Affected Vendors:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ZDI-12-140 : McAfee SmartFilter Administration Server SFAdminSrv.exe JBoss
RMI Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-12-140
August 17, 2012
- -- CVE ID:
- -- CVSS:
10, AV:N/AC:L/Au:N/C:C/I:C/A:C
- --
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ZDI-12-141 : Microsoft .NET Framework Clipboard Unsafe Memory Access Remote
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-12-141
August 17, 2012
- -- CVE ID:
CVE-2012-1855
- -- CVSS:
7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ZDI-12-142 : Oracle Java WebStart Browser Argument Injection Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-12-142
August 17, 2012
- -- CVE ID:
CVE-2012-1713
- -- CVSS:
9, AV:N/AC:L/Au:N/C:P/I:P/A:C
- --
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ZDI-12-143 : Microsoft Visio DWGDP MTEXT Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-12-143
August 17, 2012
- -- CVE ID:
CVE-2012-1888
- -- CVSS:
7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
- -- Affected Vendors:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ZDI-12-144 : EMC AutoStart ftAgent Opcode 0x4B Subcode 0x1D4C Parsing
Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-12-144
August 17, 2012
- -- CVE ID:
CVE-2012-0409
- -- CVSS:
10, AV:N/AC:L/Au:N/C:C/I:C/A:C
-
25 matches
Mail list logo