[security bulletin] HPSBMU03684 rev.1 - HPE Version Control Repository Manager (VCRM), Multiple Remote Vulnerabilities

2016-12-16 Thread security-alert
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05356363 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05356363 Version: 1 HPSBMU03684 rev.1 - HPE

[SECURITY] [DSA 3736-1] libupnp security update

2016-12-16 Thread Sebastien Delafond
Debian Security Advisory DSA-3736-1 secur...@debian.org https://www.debian.org/security/ Sebastien Delafond December 16, 2016

CVE-2016-9277,CVE-2016-9966,CVE-2016-9967: Possible Privilege Escalation in telecom

2016-12-16 Thread unlimitsec
Description of the potential vulnerability: Lack of appropriate exception handling in some receivers of the Telecom application allows attackers to crash the system easily, resulting in a possible DoS attack. Affected versions: L(5.0/5.1), M(6.0). Disclosure status: Privately disclosed. The patch

CVE-2013-0090: MSIE 9 IEFRAME CView::EnsureSize use-after-free

2016-12-16 Thread Berend-Jan Wever
Since November I have been releasing details on all vulnerabilities I found that I have not released before. This is the 34th entry in the series. This information is available in more detail on my blog at http://blog.skylined.nl/20161216001.html. There you can find a repro that triggered this