Hi @ll,
Fujitsus http://www.fsc-pc.de/ factory preinstallation (as
found on a Fujitsu Lifebook A512 purchased a month ago) of
Windows 8 Professional x64 (I'm VERY confident that other
variants of Fujitsu's Windows 8 factory installation are just
the like) has the following vulnerabilities which
Hello All,
Security Explorations discovered 7 additional security issues (#62-68)
in the latest version of IBM SDK, Java Technology Edition software [1].
A majority of the new flaws are due to insecure use or implementation
of Java Reflection API.
Additionally to the above, we found out that
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:161
http://www.mandriva.com/en/support/security/
Hi Everyone:
LibOnionRoute, the library to anonymize software was just released. It
is basically a modification of Tor to transform it into a library you
can link to your software. Some of us believe is more secure in some
situations to use it like that.
To find out more please visit:
CVE-2013-0267: Apache VCL improper input validation
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache VCL 2.1, 2.2, 2.2.1, 2.3, 2.3.1
Description:
Some parts of VCL did not properly validate input data. This problem was
present both in the Privileges portion
Hi @ll,
the current 3CXPhone6.msi (for Windows), available from
http://www.3cx.com/VOIP/sip-phone/, digitally signed on 2012-07-30,
installs the following outdated and vulnerable 3rd-party libraries:
* libeay32.dll and ssleay32.dll version 0.9.8h (from 2008-05-28)
of OpenSSL.
The current
Hi @ll,
the current 3CXPhoneSystem11.exe (for Windows), available from
http://www.3cx.com/phone-system/download-phone-system/ (pricing
see http://www.3cx.com/ordering/pricing/), digitally signed on
2013-01-28, installs the following COMPLETELY outdated and
vulnerable 3rd-party (open source)
Hello list!
I want to inform you about vulnerabilities in VideoJS. This is popular video
and audio player, which is used at hundreds thousands of web sites and in
multiple web applications.
This is Cross-Site Scripting vulnerability in VideoJS. There is also DoS
hole related to this player,
Ruxcon 2013 Call For Presentations
Melbourne, Australia, October 26th-27th
CQ Function Centre
http://www.ruxcon.org.au/call-for-papers/
The Ruxcon team is pleased to announce the Call For Presentations for Ruxcon
2013.
This year the conference will take place over the weekend of the 26th and
[ESNC-2013-005] Remote Code Injection in SAP ERP Central Component -
Project System
Please refer to http://www.esnc.de for the original security advisory,
updates and additional information.
1. Business Impact
10 matches
Mail list logo