FreeBSD Security Advisory FreeBSD-SA-13:03.openssl

2013-04-03 Thread FreeBSD Security Advisories
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 = FreeBSD-SA-13:03.opensslSecurity Advisory The FreeBSD Project Topic: O

FreeBSD Security Advisory FreeBSD-SA-13:04.bind

2013-04-03 Thread FreeBSD Security Advisories
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 = FreeBSD-SA-13:04.bind Security Advisory The FreeBSD Project Topic: B

SEC Consult SA-20130403-0 :: Multiple vulnerabilities in Sophos Web Protection Appliance

2013-04-03 Thread SEC Consult Vulnerability Lab
SEC Consult Vulnerability Lab Security Advisory < 20130403-0 > === title: Multiple vulnerabilities product: Sophos Web Protection Appliance vulnerable version: <= 3.7.8.1 fixed version

Google AD Sync Tool - Exposure of Sensitive Information Vulnerability - Security Advisory - SOS-13-001

2013-04-03 Thread Lists
Sense of Security - Security Advisory - SOS-13-001 Release Date. 03-Apr-2013 Last Update. - Vendor Notification Date. 03-Sep-2012 Product. Google Active Directory Sync (GADS) Tool Platform. Windows, Linux, Solaris Affected versions.

[slackware-security] mozilla-thunderbird (SSA:2013-093-02)

2013-04-03 Thread Slackware Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [slackware-security] mozilla-thunderbird (SSA:2013-093-02) New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: +

[slackware-security] mozilla-firefox (SSA:2013-093-01)

2013-04-03 Thread Slackware Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [slackware-security] mozilla-firefox (SSA:2013-093-01) New mozilla-firefox packages are available for Slackware 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: +--+

SQL Injection Vulnerability in Symphony

2013-04-03 Thread advisory
Advisory ID: HTB23148 Product: Symphony Vendor: http://getsymphony.com/ Vulnerable Version(s): 2.3.1 and probably prior Tested Version: 2.3.1 Vendor Notification: March 13, 2013 Vendor Patch: March 24, 2013 Public Disclosure: April 3, 2013 Vulnerability Type: SQL Injection [CWE-89] CVE Reference

PHP Code Injection in FUDforum

2013-04-03 Thread advisory
Advisory ID: HTB23146 Product: FUDforum Vendor: FUDforum Vulnerable Version(s): 3.0.4 and probably prior Tested Version: 3.0.4 Vendor Notification: February 21, 2013 Vendor Patch: March 11, 2013 Public Disclosure: April 3, 2013 Vulnerability Type: Code Injection [CWE-94] CVE Reference: CVE-2013-

TC-SA-2013-01: Reflected Cross-Site-Scripting (XSS) vulnerability in e107 CMS v1.0.2

2013-04-03 Thread Simon Bieber
TC-SA-2013-01: Reflected Cross-Site-Scripting (XSS) vulnerability in e107 CMS v1.0.2 Published: 2013/04/03 Version 1.0 Affected Products: e107 version 1.0.2 (others not tested) http://www.e107.org References: TC-SA-2013-01 www.tele-consulting.com/advisories/TC-SA-2013-01.txt (used

Novell GroupWise Multiple Remote Code Execution Vulnerabilities

2013-04-03 Thread advisory
Advisory ID: HTB23131 Product: Novell GroupWise Vendor: Novell Inc. Vulnerable Version(s): 12.0.0.8586 and probably prior Tested Version: 12.0.0.8586 on Windows 7 SP1 and Internet Explorer 9.0 Vendor Notification: November 26, 2012 Vendor Patch: January 30, 2013 Public Disclosure: April 3, 2013