Security Bulletin: IBM Integrated Information Core and WebSphere Application Server - Oracle CPU July 2015

Abstract Oracle released the July 2015 critical patch updates which contain multiple fixes for security vulnerabilities in the IBM Java Development Kit that is included with the IBM WebSphere Application Server. Content New IBM WebSphere Application Server updates are available that include an...

Oracle Java SE Multiple 6 < Update 101 / 7 < Update 85 / 8 < Update 51 Multiple Vulnerabilities (July 2015 CPU) (Bar Mitzvah)

Binary data 700651.prm...

CVE-2015-9266

The web management interface of Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP formerly TOUGHSwitch allows an unauthenticated attacker to upload and write arbitrary files using directory traversal techniques. An attacker can exploit this vulnerability to gain root privileges. This...

Security Bulletin:A security vulnerability has been identified in MySQL Server shipped with Tivoli Network Manager IP Edition (Oracle Critical Patch Update Advisory - July 2015)

Summary MySQL Server is shipped as a component of Tivoli Network Manager IP Edition. Information about a security vulnerability affecting MySQL Server has been published in a security bulletin Vulnerability Details Please consult the security bulletin...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Access Manager for Web

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 5.0, 6, 6R1, 7, 7R1 that is used by IBM Security Access Manager for Web. These issues were disclosed as part of the IBM Java SDK updates in July 2015 Vulnerability Details CVEID: CVE-2015-1931 DESCRIPTION: I...

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affect WebSphere Application Server July 2015 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed as part of the IBM Java SDK updates in July 2015. These may affect some configurations of IBM WebSphere Application Server Full Profil...

Security Bulletin: Multiple vulnerabilities in current releases of IBM® WebSphere Real Time

Summary Java SE issues disclosed in the Oracle July 2015 Critical Patch Update, plus CVE-2015-1931. Vulnerability Details CVE IDs: CVE-2015-2638 CVE-2015-4733 CVE-2015-4732 CVE-2015-2590 CVE-2015-4731 CVE-2015-4760 CVE-2015-4736 CVE-2015-4748 CVE-2015-2664 CVE-2015-2632 CVE-2015-2637 CVE-2015-261...

Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition

Summary Java SE issues disclosed in the Oracle July 2015 Critical Patch Update, plus CVE-2015-1931 Vulnerability Details CVE IDs: CVE-2015-2638 CVE-2015-4733 CVE-2015-4732 CVE-2015-2590 CVE-2015-4731 CVE-2015-4760 CVE-2015-4736 CVE-2015-4748 CVE-2015-2664 CVE-2015-2632 CVE-2015-2637 CVE-2015-2619...

Oracle: Security Advisory (ELSA-2015-1228)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Cisco AnyConnect 3.1.08009 - Local Privilege Escalation (via DMG Install Script)

Cisco AnyConnect 3.1.08009 - Local Privilege Escalation via DMG Install Script / Cisco AnyConnect elevation of privileges via DMG install script - proof of concept Yorick Koster, July 2015 https://securify.nl/advisory/SFY20150701/ciscoanyconnectelevationofprivilegesviadmginstallscript.html based ...

mysql: unspecified vulnerability related to Server:InnoDB (CPU July 2015)

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-0439...

mysql: unspecified vulnerability related to Server:DML (CPU July 2015)

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML...

mysql: unspecified vulnerability related to Server:Security:Firewall (CPU July 2015)

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4767...

Oracle MySQL 5.6.x < 5.6.23 InnoDB DoS (July 2015 CPU)

The version of Oracle MySQL installed on the remote host is 5.6.x prior to 5.6.23. It is, therefore, affected by an unspecified flaw in the InnoDB subcomponent. An authenticated, remote attacker can exploit this to cause a denial of service condition. C Tenable Network Security, Inc...

Oracle MySQL 5.6.x < 5.6.25 Multiple Vulnerabilities (July 2015 CPU) (October 2015 CPU)

The version of Oracle MySQL installed on the remote host is 5.6.x prior to 5.6.25. It is, therefore, affected by the following vulnerabilities : - Multiple denial of service vulnerabilities exist in the following subcomponents which can be exploited by a remote, authenticated attacker : - Partiti...

mysql: unspecified vulnerability related to Client (CPU July 2015)

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client...

mysql: unspecified vulnerability related to Server:InnoDB (CPU July 2015)

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-0439...

mysql: unspecified vulnerability related to Server:I_S (CPU July 2015)

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : IS...

RHEL 5 : mysql55-mysql (RHSA-2015:1628)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1628 advisory. - mysql: unspecified vulnerability related to Server:InnoDB:DML CPU Jan 2015 CVE-2014-6568 - mysql: unspecified vulnerability related to...

Threat Outbreak Alert RuleID17305: Email Messages Distributing Malicious Software on August 12, 2015

Medium Alert ID: 40452 First Published: 2015 August 13 14:05 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID17305 may contain the following files: Name |...