Feed aggregator

Vuln: PHP 'zip_stream.c' Integer Overflow Vulnerability

Security Focus Latest Security Advisories - September 20, 2016 - 11:00pm
PHP 'zip_stream.c' Integer Overflow Vulnerability
Categories:

Vuln: PHP CVE-2016-6294 Local Information Disclosure Vulnerability

Security Focus Latest Security Advisories - September 20, 2016 - 11:00pm
PHP CVE-2016-6294 Local Information Disclosure Vulnerability
Categories:

Vuln: Apple iOS Prior to 10 Multiple Security Vulnerabilities

Security Focus Latest Security Advisories - September 20, 2016 - 11:00pm
Apple iOS Prior to 10 Multiple Security Vulnerabilities
Categories:

Vuln: Google Chrome Prior to 52.0.2743.82 Multiple Security Vulnerabilities

Security Focus Latest Security Advisories - September 20, 2016 - 11:00pm
Google Chrome Prior to 52.0.2743.82 Multiple Security Vulnerabilities
Categories:

Vuln: QEMU 'hw/usb/hcd-xhci.c' Information Disclosure Vulnerability

Security Focus Latest Security Advisories - September 20, 2016 - 11:00pm
QEMU 'hw/usb/hcd-xhci.c' Information Disclosure Vulnerability
Categories:

APPLE-SA-2016-09-20-6 tvOS 10

BugTraq Latest Security Advisories - September 20, 2016 - 5:26pm

Posted by Apple Product Security on Sep 20

APPLE-SA-2016-09-20-6 tvOS 10

The tvOS 10 advisory has been released to describe the entries below:

Audio
Available for: Apple TV (4th generation)
Impact: A remote attacker may be able to execute arbitrary code
Description: A memory corruption issue was addressed through improved
memory handling.
CVE-2016-4702: YoungJin Yoon, MinSik Shin, HoJae Han, Sunghyun Park,
and Taekyoung Kwon of Information Security Lab, Yonsei University
Entry added...
Categories:

APPLE-SA-2016-09-20-5 watchOS 3

BugTraq Latest Security Advisories - September 20, 2016 - 5:16pm

Posted by Apple Product Security on Sep 20

APPLE-SA-2016-09-20-5 watchOS 3

The watchOS 3 advisory has been updated to include additional entries
as noted below.

Audio
Available for: All Apple Watch models
Impact: A remote attacker may be able to execute arbitrary code
Description: A memory corruption issue was addressed through improved
memory handling.
CVE-2016-4702: YoungJin Yoon, MinSik Shin, HoJae Han, Sunghyun Park,
and Taekyoung Kwon of Information Security Lab, Yonsei University...
Categories:

APPLE-SA-2016-09-20-4 macOS Server 5.2

BugTraq Latest Security Advisories - September 20, 2016 - 5:06pm

Posted by Apple Product Security on Sep 20

APPLE-SA-2016-09-20-4 macOS Server 5.2

macOS Server 5.2 is now available and addresses the following:

apache
Available for: macOS 10.12 Sierra
Impact: A remote attacker may be able to proxy traffic through an
arbitrary server
Description: An issue existed in the handling of the HTTP_PROXY
environment variable. This issue was addressed by not setting the
HTTP_PROXY environment variable from CGI.
CVE-2016-4694 : Dominic Scheirlinck and Scott...
Categories:

APPLE-SA-2016-09-20-3 iOS 10

BugTraq Latest Security Advisories - September 20, 2016 - 4:56pm

Posted by Apple Product Security on Sep 20

APPLE-SA-2016-09-20-3 iOS 10

The iOS 10 advisory has been updated to include additional entries as
noted below.

AppleMobileFileIntegrity
Available for: iPhone 5 and later, iPad 4th generation and later,
iPod touch 6th generation and later
Impact: A local application may be able to execute arbitrary code
with system privileges
Description: A validation issue existed in the task port inheritance
policy. This issue was addressed through improved...
Categories:

APPLE-SA-2016-09-20-2 Safari 10

BugTraq Latest Security Advisories - September 20, 2016 - 4:45pm

Posted by Apple Product Security on Sep 20

APPLE-SA-2016-09-20-2 Safari 10

Safari 10 is now available and addresses the following:

Safari Reader
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS 10.12 Sierra
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: Multiple validation issues were addressed through
improved input sanitization.
CVE-2016-4618 : an anonymous researcher...
Categories:

next-20160920: linux-next

Linux Kernel Updates - September 20, 2016 - 3:00am
Version:next-20160920 (linux-next) Released:2016-09-20