Feed aggregator

Vuln: Apple iOS and TV CVE-2014-4461 Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - January 28, 2015 - 12:00am
Apple iOS and TV CVE-2014-4461 Remote Code Execution Vulnerability
Categories:

Vuln: Oracle VM VirtualBox CVE-2015-0377 Local Security Vulnerability

Security Focus Latest Security Advisories - January 28, 2015 - 12:00am
Oracle VM VirtualBox CVE-2015-0377 Local Security Vulnerability
Categories:

Vuln: Oracle VM VirtualBox CVE-2015-0418 Local Security Vulnerability

Security Focus Latest Security Advisories - January 28, 2015 - 12:00am
Oracle VM VirtualBox CVE-2015-0418 Local Security Vulnerability
Categories:

Vuln: libpng CVE-2015-0973 Multiple Heap Based Buffer Overflow Vulnerabilities

Security Focus Latest Security Advisories - January 28, 2015 - 12:00am
libpng CVE-2015-0973 Multiple Heap Based Buffer Overflow Vulnerabilities
Categories:

Vuln: WebKit CVE-2014-4459 Unspecified Memory Corruption Vulnerability

Security Focus Latest Security Advisories - January 28, 2015 - 12:00am
WebKit CVE-2014-4459 Unspecified Memory Corruption Vulnerability
Categories:

Vuln: OpenSSL 'no-ssl3' Build Option Security Bypass Vulnerability

Security Focus Latest Security Advisories - January 28, 2015 - 12:00am
OpenSSL 'no-ssl3' Build Option Security Bypass Vulnerability
Categories:

Vuln: CodeWrights 'HART DTM' Library CVE-2014-9191 Denial of Service Vulnerability

Security Focus Latest Security Advisories - January 28, 2015 - 12:00am
CodeWrights 'HART DTM' Library CVE-2014-9191 Denial of Service Vulnerability
Categories:

Vuln: OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability

Security Focus Latest Security Advisories - January 28, 2015 - 12:00am
OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability
Categories:

Vuln: OpenSSL NULL Pointer Dereference CVE-2014-5139 Local Denial of Service Vulnerability

Security Focus Latest Security Advisories - January 28, 2015 - 12:00am
OpenSSL NULL Pointer Dereference CVE-2014-5139 Local Denial of Service Vulnerability
Categories:

Vuln: OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability

Security Focus Latest Security Advisories - January 28, 2015 - 12:00am
OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability
Categories:

Vuln: OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability

Security Focus Latest Security Advisories - January 28, 2015 - 12:00am
OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
Categories:

Vuln: Adobe Flash Player CVE-2015-0311 Unspecified Security Vulnerability

Security Focus Latest Security Advisories - January 28, 2015 - 12:00am
Adobe Flash Player CVE-2015-0311 Unspecified Security Vulnerability
Categories:

Vuln: Adobe Flash Player CVE-2015-0310 Unspecified Memory Corruption Vulnerability

Security Focus Latest Security Advisories - January 28, 2015 - 12:00am
Adobe Flash Player CVE-2015-0310 Unspecified Memory Corruption Vulnerability
Categories:

Vuln: OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability

Security Focus Latest Security Advisories - January 28, 2015 - 12:00am
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
Categories:

APPLE-SA-2015-01-27-4 OS X 10.10.2 and Security Update 2015-001

BugTraq Latest Security Advisories - January 27, 2015 - 5:41pm

Posted by Apple Product Security on Jan 27

APPLE-SA-2015-01-27-4 OS X 10.10.2 and Security Update 2015-001

OS X 10.10.2 and Security Update 2015-001 are now available and
address the following:

AFP Server
Available for: OS X Mavericks v10.9.5
Impact: A remote attacker may be able to determine all the network
addresses of the system
Description: The AFP file server supported a command which returned
all the network addresses of the system. This issue was addressed by
removing the...
Categories:

APPLE-SA-2015-01-27-3 Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3

BugTraq Latest Security Advisories - January 27, 2015 - 5:34pm

Posted by Apple Product Security on Jan 27

APPLE-SA-2015-01-27-3 Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3

Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3 are now available and
address the following:

WebKit
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10.1
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in WebKit....
Categories:

APPLE-SA-2015-01-27-2 iOS 8.1.3

BugTraq Latest Security Advisories - January 27, 2015 - 5:26pm

Posted by Apple Product Security on Jan 27

APPLE-SA-2015-01-27-2 iOS 8.1.3

iOS 8.1.3 is now available and addresses the following:

AppleFileConduit
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A maliciously crafted afc command may allow access to
protected parts of the filesystem
Description: A vulnerability existed in the symbolic linking
mechanism of afc. This issue was addressed by adding additional path
checks.
CVE-ID...
Categories:

APPLE-SA-2015-01-27-1 Apple TV 7.0.3

BugTraq Latest Security Advisories - January 27, 2015 - 5:18pm

Posted by Apple Product Security on Jan 27

APPLE-SA-2015-01-27-1 Apple TV 7.0.3

Apple TV 7.0.3 is now available and addresses the following:

Apple TV
Available for: Apple TV 3rd generation and later
Impact: A maliciously crafted afc command may allow access to
protected parts of the filesystem
Description: A vulnerability existed in the symbolic linking
mechanism of afc. This issue was addressed by adding additional path
checks.
CVE-ID
CVE-2014-4480 : TaiG Jailbreak Team

Apple TV...
Categories:

Bugtraq: Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow

Security Focus Latest Security Advisories - January 27, 2015 - 5:15pm
Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow
Categories:

Bugtraq: [SECURITY] [DSA 3142-1] eglibc security update

Security Focus Latest Security Advisories - January 27, 2015 - 5:15pm
[SECURITY] [DSA 3142-1] eglibc security update
Categories: