[SECURITY] [DSA 3508-1] jasper security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-3508-1 secur...@debian.org https://www.debian.org/security/ Salvatore Bonaccorso March 06, 2016

Multiple vulnerabilities in Wordpress plugin SP Projects & Document Manager

* Exploit Title: Multiple Vulnerabilities in SP Projects & Document Manager * Discovery Date: 2016/01/13 * Public Disclosure Date: 2016/03/06 * Exploit Author: Michael Helwig * Contact: https://twitter.com/c0dmtr1x * Vendor Homepage: http://smartypantsplugins.com/ * Software Link:

[SECURITY] [DSA 3507-1] chromium-browser security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-3507-1 secur...@debian.org https://www.debian.org/security/ Michael Gilbert March 05, 2016

Executable installers are vulnerable^WEVIL (case 30): clamwin-0.99-setup.exe allows arbitrary (remote) code execution WITH escalation of privilege

Hi @ll, the executable installer clamwin-0.99-setup.exe (available from ) loads and executes DWMAPI.dll or UXTheme.dll from its "application directory". For software downloaded with a web browser the application directory is typically the user's "Downloads"

Executable installers are vulnerable^WEVIL (case 31): MalwareBytes' installers allows arbitrary (remote) code execution WITH escalation of privilege

Hi @ll, Malwarebytes executable installers mbam-setup-2.2.0.1024.exe and mbae-setup-1.08.1.1189.exe (available from and ) load and execute UXTheme.dll and DWMAPI.dll from their