Feed aggregator

Bugtraq: MIUI Torch Open Vulnerability

MIUI Torch Open Vulnerability

Bugtraq: MIUI Wifi Connection Message Vulnerability

MIUI Wifi Connection Message Vulnerability

Bugtraq: Android Bluetooth Pairing Packet Processing Vulnerability(by wangzq from NCNIPC)

Android Bluetooth Pairing Packet Processing Vulnerability(by wangzq from NCNIPC)

Bugtraq: [CORE-2014-0006] - Delphi and C++ Builder VCL library Heap Buffer Overflow

[CORE-2014-0006] - Delphi and C++ Builder VCL library Heap Buffer Overflow

MIUI Torch Open Vulnerability

BugTraq Latest Security Advisories - 6 hours 27 min ago

Posted by vuln on Sep 17

MIUI Torch Open Vulnerability
I. Summary
com.android.systemui is the corresponding package of MiuiSystemUI.apk, a MIUI system application that manages user interface and other functions. When started by NFC tag, the torch in NFC mobile phone will be open automatically.
-----------------------------------------------------------------
II. Description
Construct a message as follows:
D4 0F 14 61 6E 64 72 6F 69 64 2E 63 6F 6D 3A 70
6B 67 63 6F...

MIUI Wifi Connection Message Vulnerability

BugTraq Latest Security Advisories - 6 hours 37 min ago

Posted by vuln on Sep 17

MIUI Wifi Connection Message Vulnerability

I. Summary
Wifi Connection Message is written to an NFC tag, which can be touched by an NFC mobile phone for connecting wireless AP automatically. A logic flaw has been found in MIUI that is an Android ROM. The flaw can be used to turn on wifi, with the help of "wifihandover"(https://play.google.com/store/apps/details?id=net.endflow.apps.wifiho) or "NFC Tag Assistant"(...

Android Bluetooth Pairing Packet Processing Vulnerability(by wangzq from NCNIPC)

BugTraq Latest Security Advisories - 6 hours 46 min ago

Posted by vuln on Sep 17

I. Summary
Bluetooth Pairing Packet is written to an NFC tag, which can be touched by an NFC mobile phone for bluetooth pairing. A logic flaw has been found in some versions of Android mobile phone. The flaw can cause NFC phones' bluetooth turned on, regardless of whether the pairing succeeds or not.
-----------------------------------------------------------------
II. Description
According to the NFC Bluetooth Simple Pairing Message...

Bugtraq: USB&WiFi Flash Drive v1.3 iOS - Code Execution Vulnerability

USB&WiFi Flash Drive v1.3 iOS - Code Execution Vulnerability

Bugtraq: Osclass Security Advisory - Multiple XSS Vulnerabilities - CVE-2014-6280

Osclass Security Advisory - Multiple XSS Vulnerabilities - CVE-2014-6280

Bugtraq: Osclass Security Advisory - LFI Vulnerability - CVE-2014-6308

Osclass Security Advisory - LFI Vulnerability - CVE-2014-6308

Bugtraq: FreeBSD Security Advisory FreeBSD-SA-14:19.tcp

FreeBSD Security Advisory FreeBSD-SA-14:19.tcp

[CORE-2014-0006] - Delphi and C++ Builder VCL library Heap Buffer Overflow

BugTraq Latest Security Advisories - 6 hours 57 min ago

Posted by CORE Advisories Team on Sep 17

Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/

Delphi and C++ Builder VCL library Heap Buffer Overflow

1. *Advisory Information*

Title: Delphi and C++ Builder VCL library Heap Buffer Overflow
Advisory ID: CORE-2014-0006
Advisory URL:
http://www.coresecurity.com/advisories/delphi-and-c-builder-vcl-library-heap-buffer-overflow
Date published: 2014-09-16
Date of last update: 2014-09-16
Vendors contacted: Embarcadero
Release...

[SECURITY] [DSA 3026-1] dbus security update

Posted by Florian Weimer on Sep 17

-------------------------------------------------------------------------
Debian Security Advisory DSA-3026-1 security () debian org
http://www.debian.org/security/ Florian Weimer
September 16, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : dbus
CVE ID : CVE-2014-3635 CVE-2014-3636...

[SECURITY] [DSA 3025-1] apt security update

BugTraq Latest Security Advisories - 7 hours 16 min ago

Posted by Salvatore Bonaccorso on Sep 17

-------------------------------------------------------------------------
Debian Security Advisory DSA-3025-1 security () debian org
http://www.debian.org/security/ Salvatore Bonaccorso
September 16, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : apt
CVE ID : CVE-2014-0487 CVE-2014-0488...

USB&WiFi Flash Drive v1.3 iOS - Code Execution Vulnerability

BugTraq Latest Security Advisories - 7 hours 27 min ago

Posted by Vulnerability Lab on Sep 17

Document Title:
===============
USB&WiFi Flash Drive 1.3 iOS - Code Execution Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1316

Release Date:
=============
2014-09-15

Vulnerability Laboratory ID (VL-ID):
====================================
1316

Common Vulnerability Scoring System:
====================================
9

Product & Service Introduction:...

Osclass Security Advisory - Multiple XSS Vulnerabilities - CVE-2014-6280

BugTraq Latest Security Advisories - 7 hours 37 min ago

Posted by Onur Yilmaz on Sep 17

Information
------------
Advisory by Netsparker.
Name: XSS Vulnerability in OsClass
Affected Software : OsClass
Affected Versions: 3.4.1 and possibly below
Vendor Homepage : http://osclass.org/
Vulnerability Type : Cross-site Scripting
Severity : Critical
CVE-ID: CVE-2014-6280
Netsparker Advisory Reference : NS-14-030

Advisory URL
------------
https://www.netsparker.com/xss-vulnerabilities-in-osclass/

Description
-----------
Several cross-site...

Osclass Security Advisory - LFI Vulnerability - CVE-2014-6308

BugTraq Latest Security Advisories - 7 hours 45 min ago

Posted by Onur Yilmaz on Sep 17

Information
-----------
Advisory by Netsparker.
Name : LFI Vulnerability in OsClass
Affected Software : OsClass
Affected Versions: 3.4.1 and possibly below
Vendor Homepage : http://osclass.org/
Vulnerability Type : Local File Inclusion
Severity : Critical
CVE-ID: CVE-2014-6308
Netsparker Advisory Reference : NS-14-031

Advisory URL
------------
https://www.netsparker.com/lfi-vulnerability-in-osclass/

Description
-----------
Local file inclusion...

FreeBSD Security Advisory FreeBSD-SA-14:19.tcp

BugTraq Latest Security Advisories - 7 hours 54 min ago

Posted by FreeBSD Security Advisories on Sep 17

=============================================================================
FreeBSD-SA-14:19.tcp Security Advisory
The FreeBSD Project

Topic: Denial of Service in TCP packet processing

Category: core
Module: inet
Announced: 2014-09-16
Credits: Jonathan Looney (Juniper SIRT)
Affects: All supported versions...

Bugtraq: ESA-2014-091: EMC Documentum Content Server Multiple Privilege Escalation Vulnerabilities

ESA-2014-091: EMC Documentum Content Server Multiple Privilege Escalation Vulnerabilities