BugTraq Latest Security Advisories

Syndicate content
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Updated: 59 min 38 sec ago

Wordpress Truemag Theme - Client Side Cross Site Scripting Web Vulnerability

April 29, 2016 - 5:43am

Posted by Vulnerability Lab on Apr 29

Document Title:
===============
Wordpress Truemag Theme - Client Side Cross Site Scripting Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1839

Release Date:
=============
2016-04-29

Vulnerability Laboratory ID (VL-ID):
====================================
1839

Common Vulnerability Scoring System:
====================================
3.3

Product & Service Introduction:...
Categories:

Mozilla doesn't care for upstream security fixes, and doesn't bother to send own security fixes upstream

April 29, 2016 - 1:34am

Posted by Stefan Kanthak on Apr 28

Hi @ll

despite better knowledge and MULTIPLE bug/vulnerability reports
(see <https://bugzilla.mozilla.org/show_bug.cgi?id=811557>,
<https://bugzilla.mozilla.org/show_bug.cgi?id=809373>,
<https://bugzilla.mozilla.org/show_bug.cgi?id=579593>, ...)
Mozilla continues to ship Firefox and Thunderbird for Windows with
a vulnerable executable installer.

Proof of concept/demonstration:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1. visit <...
Categories:

[security bulletin] HPSBUX03583 SSRT110084 rev.1 - HP-UX BIND Service running Named, Remote Denial of Service (DoS)

April 29, 2016 - 1:24am

Posted by security-alert on Apr 28

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n
a-c05087821

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05087821
Version: 1

HPSBUX03583 SSRT110084 rev.1 - HP-UX BIND Service running Named, Remote
Denial of Service (DoS)

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date:...
Categories:

CVE-2016-3078: php: integer overflow in ZipArchive::getFrom*

April 28, 2016 - 7:35am

Posted by Hans Jerry Illikainen on Apr 28

Details
=======

An integer wrap may occur in PHP 7.x before version 7.0.6 when reading
zip files with the getFromIndex() and getFromName() methods of
ZipArchive, resulting in a heap overflow.

php-7.0.5/ext/zip/php_zip.c
,----
| 2679 static void php_zip_get_from(INTERNAL_FUNCTION_PARAMETERS, int type) /* {{{ */
| 2680 {
| ....
| 2684 struct zip_stat sb;
| ....
| 2689 zend_long len = 0;
| ....
| 2692 zend_string *buffer;
| ....
| 2702...
Categories:

[SECURITY] [DSA 3560-1] php5 security update

April 28, 2016 - 12:54am

Posted by Salvatore Bonaccorso on Apr 27

-------------------------------------------------------------------------
Debian Security Advisory DSA-3560-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
April 27, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : php5
CVE ID : CVE-2015-8865 CVE-2016-4070...
Categories:

CVE-2015-5207 - Bypass of Access Restrictions in Apache Cordova iOS

April 28, 2016 - 12:47am

Posted by Tony Homer on Apr 27

CVE-2015-5207 - Bypass of Access Restrictions in Apache Cordova iOS

Severity:
High

Vendor:
The Apache Software Foundation

Versions Affected:
cordova-ios 3.9.1 and below

Description:
Apache Cordova iOS contains 2 methods to bypass the URL access
restrictions provided by the whitelist. An attacker can use any of the
2 methods to load malicious resources in an app that uses a whitelist
to only load trusted resources.

Upgrade path:
Developers...
Categories:

Re: [ERPSCAN-16-005] SAP HANA hdbxsengine JSON – DoS vulnerability

April 28, 2016 - 12:40am

Posted by Mahmut Firuz Dumlupinar - Vendor on Apr 27


Categories:

CVE-2015-5207 - Bypass of Access Restrictions in Apache Cordova iOS

April 28, 2016 - 12:31am

Posted by Tony Homer on Apr 27

CVE-2015-5207 - Bypass of Access Restrictions in Apache Cordova iOS

Severity:
High

Vendor:
The Apache Software Foundation

Versions Affected:
cordova-ios 3.9.1 and below

Description:
Apache Cordova iOS contains 2 methods to bypass the URL access
restrictions provided by the whitelist. An attacker can use any of the
2 methods to load malicious resources in an app that uses a whitelist
to only load trusted resources.

Upgrade path:
Developers...
Categories:

CVE-2015-5208 - Arbitrary plugin execution issue in Apache Cordova iOS

April 28, 2016 - 12:23am

Posted by Tony Homer on Apr 27

CVE-2015-5208 - Arbitrary plugin execution issue in Apache Cordova iOS

Severity:
High

Vendor:
The Apache Software Foundation

Versions Affected:
cordova-ios 3.9.1 and below

Description:
An arbitrary plugin can be executed when a user clicks on a link.

Upgrade path:
Developers who are concerned about this issue should install version
4.0.0 or higher of the cordova-ios platform.

Credit:
This issue was discovered by Muneaki Nishimura...
Categories:

[SECURITY] [DSA 3559-1] iceweasel security update

April 27, 2016 - 1:32pm

Posted by Moritz Muehlenhoff on Apr 27

-------------------------------------------------------------------------
Debian Security Advisory DSA-3559-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
April 27, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : iceweasel
CVE ID : CVE-2016-2805 CVE-2016-2807...
Categories:

EMC M&R (Watch4net) lacks Cross-Site Request Forgery protection

April 27, 2016 - 10:30am

Posted by Securify B.V. on Apr 27

------------------------------------------------------------------------
EMC M&R (Watch4net) lacks Cross-Site Request Forgery protection
------------------------------------------------------------------------
Han Sahin, November 2014

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
It was discovered that EMC M&R (Watch4net) does not...
Categories:

Oracle Discoverer Viewer BI - Open Redirect Vulnerability

April 27, 2016 - 7:55am

Posted by Vulnerability Lab on Apr 27

Document Title:
===============
Oracle Discoverer Viewer BI - Open Redirect Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1667

Oracle ID: S0666670

Release Date:
=============
2016-04-26

Vulnerability Laboratory ID (VL-ID):
====================================
1667

Common Vulnerability Scoring System:
====================================
2.8

Product & Service Introduction:...
Categories: