Updated moodle packages fix security vulnerability
In Moodle before 2.8.9, if guest access is open on the site, unauthenticated users can store Atto draft data through the editor autosave area, which could be exploited in a denial of service attack (CVE-2015-5332). In Moodle before 2.8.9, due to a CSRF issue in the site registration form, it is...
WordPress Password Protected Plugin <= 1.4 - Arbitrary Site Redirect
This plugin is prone to an arbitrary site redirect vulnerability through the redirectto parameter of the login process. Solution: Upgrade the plugin...
USN-2788-2: unzip regression
USN-2788-1 fixed vulnerabilities in unzip. One of the security patches caused a regression when extracting 0-byte files. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Gustavo Grieco discovered that unzip incorrectly handled certain password protecte...
DEBIAN-CVE-2015-7696
Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value...
CVE-2015-7696
Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value...
ALPINE-CVE-2015-7696
Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value...
AZL-6938 CVE-2015-7696 affecting package unzip for versions less than 6.0-19
Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value...
CVE-2015-7696
Info-ZIP UnZip 6.0 is vulnerable to a heap-based buffer over-read that can crash the application or possibly allow arbitrary code execution when processing crafted password-protected ZIP archives, possibly related to an Extra-Field size value. This CVE (CVE-2015-7696) is widely reported across di...
Debian DSA-3386-1 : unzip - security update
Two vulnerabilities have been found in unzip, a de-archiver for .zip files. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-7696 Gustavo Grieco discovered that unzip incorrectly handled certain password protected archives. If a user or automated...
[USN-2788-1] unzip vulnerabilities
Ubuntu Security Notice USN-2788-1, October 29, 2015: unzip vulnerabilities. A security issue affects these releases of Ubuntu and its derivatives: -...
Debian Security Advisory DSA 3386-1 (unzip - security update)
Two vulnerabilities have been found in unzip, a de-archiver for .zip files. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-7696 Gustavo Grieco discovered that unzip incorrectly handled certain password protected archives. If a user or automated system...
DSA-3386-1 unzip - security update
Bulletin has no description...
USN-2788-1 unzip vulnerabilities
Gustavo Grieco discovered that unzip incorrectly handled certain password protected archives. If a user or automated system were tricked into processing a specially crafted zip archive, an attacker could possibly execute arbitrary code. (CVE-2015-7696) Gustavo Grieco discovered that unzip incorrect...
Threat Outbreak Alert RuleID19009: Email Messages Distributing Malicious Software on October 27, 2015
Medium Alert ID: 41765 First Published: 2015 October 28 13:09 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID19009 may contain the following files: Name |...
UBUNTU-CVE-2015-7696
Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value...
All in One SEO Pack information management vulnerability
Overview All in One SEO Pack is a WordPress plugin. All in One SEO Pack automatically adds a meta tag "Meta Description" to a page using some part of its contents, and this behavior is enabled in the initial configuration. Meta Description can be added even when a page is password-protected,...
Netsparker 4 - Easier to Use, More Automation and Much More Web Security Checks
Netsparker Web Application Security Scanner version 4. The main highlight of this new version is the new fully automated Form Authentication mechanism; it does not require you to record anything, supports 2 factor authentication and other authentication mechanisms that require a one time code to...
4images Cross Site Scripting / Clickjacking
Affected software: 4images Type of vulnerability: clickjacking,xss URL: http://www.4homepages.de/ Discovered by: Provensec Website: http://www.provensec.com Description: 4images is a powerful web-based image gallery management system. Features include comment system, user registration and...