Feed aggregator

Bugtraq: Executable installers are vulnerable^WEVIL (case 25): WinRAR's installer and self-extractors allow arbitrary (remote) code execution and escalation of privilege

Security Focus Latest Security Advisories - February 8, 2016 - 7:00am
Executable installers are vulnerable^WEVIL (case 25): WinRAR's installer and self-extractors allow arbitrary (remote) code execution and escalation of privilege
Categories:

Bugtraq: CFP: SIN 2016 - 9th International Conference on Security of Information and Networks

Security Focus Latest Security Advisories - February 8, 2016 - 7:00am
CFP: SIN 2016 - 9th International Conference on Security of Information and Networks
Categories:

JavaScript Anywhere v3.0.4 iOS - Persistent Vulnerability

BugTraq Latest Security Advisories - February 8, 2016 - 6:56am

Posted by Vulnerability Lab on Feb 08

Document Title:
===============
JavaScript Anywhere v3.0.4 iOS - Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1709

Release Date:
=============
2016-02-08

Vulnerability Laboratory ID (VL-ID):
====================================
1709

Common Vulnerability Scoring System:
====================================
3.8

Product & Service Introduction:...
Categories:

Local Microsoft Windows 7 / 8 / 10 Buffer Overflow via Third-Party USB-Driver (ser2co64.sys)

BugTraq Latest Security Advisories - February 8, 2016 - 6:44am

Posted by Ralf Spenneberg on Feb 08

OS-S Security Advisory 2016–02-08
Prolific Ser2co64.sys Stack Buffer Overflow

Date: December 23th, 2015
Authors: Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg
CVE: Not assigned yet
CVSS: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Title: Local Microsoft Windows 7 / 8 / 10 Buffer Overflow via Third-Party USB-
Driver (ser2co64.sys)
Severity: Critical. The OS halts (BSOD). Arbitrary code execution propable.
Ease of Exploitation: Trivial
Vulnerability...
Categories:

Symphony CMS multiple vulnerabilities

BugTraq Latest Security Advisories - February 8, 2016 - 4:04am

Posted by Filippo Cavallarin on Feb 08

Advisory ID: SGMA-16002
Title: Symphony CMS multiple vulnerabilities
Product: Symphony CMS
Version: 2.6.5 and probably prior
Vendor: www.getsymphony.com
Vulnerability type: SQL-injection, Unrestriced File Upload
Risk level: 4 / 5
Credit: filippo.cavallarin () wearesegment com
CVE: N/A
Vendor notification: 2016-02-02
Vendor fix: 2016-02-05
Public disclosure: 2016-02-08

Details

Symphony CMS suffers from multiple vulnerabilities:

- SQL...
Categories:

Bugtraq: [SECURITY] [DSA 3468-1] polarssl security update

Security Focus Latest Security Advisories - February 8, 2016 - 3:00am
[SECURITY] [DSA 3468-1] polarssl security update
Categories:

WordPress User Meta Manager Plugin [Information Disclosure]

BugTraq Latest Security Advisories - February 8, 2016 - 2:21am

Posted by Panagiotis Vagenas on Feb 07

* Exploit Title: WordPress User Meta Manager Plugin [Information Disclosure]
* Discovery Date: 2015-12-28
* Public Disclosure Date: 2016-02-01
* Exploit Author: Panagiotis Vagenas
* Contact: https://twitter.com/panVagenas
* Vendor Homepage: http://jasonlau.biz/home/
* Software Link: https://wordpress.org/plugins/user-meta-manager/
* Version: 3.4.6
* Tested on: WordPress 4.4
* Category: webapps

## Description

User Meta Manager for WordPress...
Categories:

Executable installers are vulnerable^WEVIL (case 25): WinRAR's installer and self-extractors allow arbitrary (remote) code execution and escalation of privilege

BugTraq Latest Security Advisories - February 8, 2016 - 2:11am

Posted by Stefan Kanthak on Feb 07

Hi @ll,

the executable installers of WinRAR 5.30 and earlier versions
as well as ALL self-extracting archives created with them
load and execute UXTheme.dll, RichEd32.dll and RichEd20.dll
from their "application directory".

For software downloaded with a web browser the application
directory is typically the user's "Downloads" directory: see
<...
Categories:

CFP: SIN 2016 - 9th International Conference on Security of Information and Networks

BugTraq Latest Security Advisories - February 8, 2016 - 2:02am

Posted by Hossain Shahriar on Feb 07

=========================================================================
Please accept our apologies if you receive multiple copies of this CFP
=========================================================================

CALL FOR CONTRIBUTIONS
======================
9th International Conference on Security of Information and Networks (SIN 2016)
20-22 July 2016, Rutgers University, New Jersey, USA, www.sinconf.org

In Technical Cooperation with ACM...
Categories:

[SECURITY] [DSA 3468-1] polarssl security update

BugTraq Latest Security Advisories - February 8, 2016 - 1:53am

Posted by Sebastien Delafond on Feb 07

-------------------------------------------------------------------------
Debian Security Advisory DSA-3468-1 security () debian org
https://www.debian.org/security/ Sebastien Delafond
February 06, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : polarssl
CVE ID : CVE-2015-5291 CVE-2015-8036...
Categories:

[SECURITY] [DSA 3467-1] tiff security update

BugTraq Latest Security Advisories - February 8, 2016 - 1:44am

Posted by Salvatore Bonaccorso on Feb 07

-------------------------------------------------------------------------
Debian Security Advisory DSA-3467-1 security () debian org
https://www.debian.org/security/ Laszlo Boszormenyi (GCS)
February 06, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : tiff
CVE ID : CVE-2015-8665 CVE-2015-8683...
Categories:

Multiple vulnerabilities in Open Real Estate v 1.15.1

BugTraq Latest Security Advisories - February 8, 2016 - 1:34am

Posted by Simon Waters (Surevine) on Feb 07

Introduction: Open Real Estate is an open source CMS for managing estate agent websites.

It is written in PHP and uses the YII CMF. It supports multiple languages.

It is supported by MonoRay.net

The product has a number of commercial support offerings available and an internal market for extensions.

http://open-real-estate.info/

The core application was examined using Burp Suite Pro, SQLmap, and manual inspection (no extensions were...
Categories:

[security bulletin] HPSBGN03430 rev.3 - HP ArcSight products, Local Elevation of Privilege

BugTraq Latest Security Advisories - February 8, 2016 - 1:26am

Posted by security-alert on Feb 07

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n
a-c04872416

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04872416
Version: 3

HPSBGN03430 rev.3 - HP ArcSight products, Local Elevation of Privilege

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2015-11-03
Last Updated:...
Categories:

[CVE-2016-0602, CVE-2016-0603] Executable installers are vulnerable^WEVIL (case 24): Oracle Java 6/7/8 SE and VirtualBox

BugTraq Latest Security Advisories - February 8, 2016 - 1:17am

Posted by Stefan Kanthak on Feb 07

Hi @ll,

the installers or Oracle's Java 6/7/8 for Windows and VirtualBox for
Windows load and execute several DLLs from their "application directory".

* The online installer jxpiinstall.exe:
UXTheme.dll and RASAdHlp.dll plus
(on Windows XP) SetupAPI.dll, HNetCfg.dll and XPSP2Res.dll
(on Windows Vista and above) ProfAPI.dll, Secur32.dll, NTMarta.dll
and Version.dll

* The offline installer jre-8u66-windows-i586.exe:...
Categories:

[security bulletin] HPSBGN03434 rev.1 - HP Continuous Delivery Automation using Java Deserialization, Remote Arbitrary Code Execution

BugTraq Latest Security Advisories - February 8, 2016 - 1:08am

Posted by security-alert on Feb 07

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n
a-c04958567

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04958567
Version: 1

HPSBGN03434 rev.1 - HP Continuous Delivery Automation using Java
Deserialization, Remote Arbitrary Code Execution

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible....
Categories:

Bugtraq: [CVE-2016-0602, CVE-2016-0603] Executable installers are vulnerable^WEVIL (case 24): Oracle Java 6/7/8 SE and VirtualBox

Security Focus Latest Security Advisories - February 8, 2016 - 1:00am
[CVE-2016-0602, CVE-2016-0603] Executable installers are vulnerable^WEVIL (case 24): Oracle Java 6/7/8 SE and VirtualBox
Categories:

Bugtraq: [security bulletin] HPSBGN03434 rev.1 - HP Continuous Delivery Automation using Java Deserialization, Remote Arbitrary Code Execution

Security Focus Latest Security Advisories - February 8, 2016 - 1:00am
[security bulletin] HPSBGN03434 rev.1 - HP Continuous Delivery Automation using Java Deserialization, Remote Arbitrary Code Execution
Categories:

Bugtraq: [security bulletin] HPSBHF03431 rev.2 - HPE Network Switches, local Bypass of Security Restrictions, Indirect Vulnerabilities

Security Focus Latest Security Advisories - February 8, 2016 - 1:00am
[security bulletin] HPSBHF03431 rev.2 - HPE Network Switches, local Bypass of Security Restrictions, Indirect Vulnerabilities
Categories:

Bugtraq: CVE-2015-3252: Apache CloudStack VNC authentication issue

Security Focus Latest Security Advisories - February 8, 2016 - 1:00am
CVE-2015-3252: Apache CloudStack VNC authentication issue
Categories:

[security bulletin] HPSBHF03431 rev.2 - HPE Network Switches, local Bypass of Security Restrictions, Indirect Vulnerabilities

BugTraq Latest Security Advisories - February 8, 2016 - 12:59am

Posted by security-alert on Feb 07

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n
a-c04920918

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04920918
Version: 2

HPSBHF03431 rev.2 - HPE Network Switches, local Bypass of Security
Restrictions, Indirect Vulnerabilities

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release...
Categories: