[FD] Windows Attachment Manager *potential* feature bypass

2017-10-27 Thread Stevie Lamb (WLT GB)
*First ever post, so apologies for any associated naiveté* Scenario: The Windows Attachment Manager does not correctly handle JAR files marked as “high risk” when accessed via Internet Explorer 11. This leads to direct execution of any JAR file when a user clicks “Open” rather than “Save” or

[FD] ESA-2017-134: RSA® Authentication Manager Security Update for Reflected Cross-Site Scripting Vulnerability

2017-10-27 Thread EMC Product Security Response Center
ESA-2017-134: RSA® Authentication Manager Security Update for Reflected Cross-Site Scripting Vulnerability EMC Identifier: ESA-2017-134 CVE Identifier: CVE-2017-14373 Severity Rating: CVSSv3: 6.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected

[FD] PIA Android App Can Be Crashed via Large Download [CVE-2017-15882]

2017-10-27 Thread Nightwatch Cybersecurity Research
[Original post here: http://wwws.nightwatchcybersecurity.com/2017/10/25/advisory-pia-android-app-cve-2017-15882/] SUMMARY The Android application provided by Private Internet Access (PIA) VPN service can be crashed by downloading a large file containing a list of current VPN servers. This can be

[FD] Bomgar Remote Support - Local Privilege Escalation (CVE-2017-5996)

2017-10-27 Thread VSR Advisories
Virtual Security Research, LLC. https://www.vsecurity.com/ Security Advisory Advisory Name: Bomgar Remote Support - Local Privilege Escalation Rele