APPLE-SA-2018-1-23-1 iOS 11.2.5

2018-01-23 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2018-1-23-1 iOS 11.2.5 iOS 11.2.5 is now available and addresses the following: Audio Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted audio file may lead to

APPLE-SA-2018-1-23-4 tvOS 11.2.5

2018-01-23 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2018-1-23-4 tvOS 11.2.5 tvOS 11.2.5 is now available and addresses the following: Audio Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution

APPLE-SA-2018-1-23-7 iCloud for Windows 7.3

2018-01-23 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2018-1-23-7 iCloud for Windows 7.3 iCloud for Windows 7.3 is now available and addresses the following: WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution

APPLE-SA-2018-1-23-6 iTunes 12.7.3 for Windows

2018-01-23 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2018-1-23-6 iTunes 12.7.3 for Windows iTunes 12.7.3 for Windows is now available and addresses the following: WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code

APPLE-SA-2018-1-23-3 watchOS 4.2.2

2018-01-23 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2018-1-23-3 watchOS 4.2.2 watchOS 4.2.2 is now available and addresses the following: Audio Available for: All Apple Watch models Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A

APPLE-SA-2018-1-23-5 Safari 11.0.3

2018-01-23 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2018-1-23-5 Safari 11.0.3 Safari 11.0.3 is now available and addresses the following: WebKit Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.3 Impact: Processing maliciously crafted web content

APPLE-SA-2018-1-23-2 macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan

2018-01-23 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2018-1-23-2 macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan are now available and

DefenseCode ThunderScan SAST Advisory: SugarCRM Community Edition Multiple SQL Injection Vulnerabilities

2018-01-23 Thread DefenseCode
   DefenseCode ThunderScan SAST Advisory SugarCRM Community Edition Multiple SQL Injection Vulnerabilities Advisory ID:    DC-2018-01-011 Advisory Title: SugarCRM Community Edition Multiple SQL Injection Vulnerabilities Advisory URL:   http://www.defensecode.com/advisories.php Software: 

SEC Consult SA-20180123-0 :: XXE & Reflected XSS in Oracle Financial Services Analytical Applications

2018-01-23 Thread SEC Consult Vulnerability Lab
SEC Consult Vulnerability Lab Security Advisory < 20180123-0 > === title: XXE & Reflected XSS product: Oracle Financial Services Analytical Applications vulnerable version: 7.3.5.x, 8.0.x