47153 matches found
HP Onboard Administrator unauthorized access
No description provided...
conky symbolic links vulnerability
Insecure temporary files creation...
Abus IP cameras multiple security vulnerabilities
Read/write files access and command execution...
Multiple G-WAN vulnerabilities
Title: Multiple G-WAN vulnerabilities Product: G-WAN http://gwan.com/ Author: Fredrik Widlund E-mail: fredrik.widlund at gmail dot com Date: 2011-10-12...
[ GLSA 201110-09 ] Conky: Privilege escalation
Gentoo Linux Security Advisory GLSA 201110-09 http://security.gentoo.org/ Severity:...
[ GLSA 201110-08 ] feh: Multiple vulnerabilities
Gentoo Linux Security Advisory GLSA 201110-08 http://security.gentoo.org/ Severity:...
[security bulletin] HPSBMU02710 SSRT100601 rev.1 - HP Onboard Administrator (OA), Remote Unauthorized Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03048779 Version: 1 HPSBMU02710 SSRT100601 rev.1 - HP Onboard Administrator OA, Remote Unauthorized Access NOTICE: The information in this Security Bulletin should be acted upon as soon as...
APPLE-SA-2011-10-11-1 iTunes 10.5
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-10-11-1 iTunes 10.5 iTunes 10.5 is now available and addresses the following: CoreFoundation Available for: Windows 7, Vista, XP SP2 or later Impact: A man-in-the-middle attack may lead to an unexpected application termination or arbitra...
APPLE-SA-2011-10-12-3 OS X Lion v10.7.2 and Security Update 2011-006
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-10-12-3 OS X Lion v10.7.2 and Security Update 2011-006 OS X Lion v10.7.2 and Security Update 2011-006 is now available and addresses the following: Apache Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and...
ABUS TVIP 11550/21550 Multiple vulnerabilities (and possibly other ABUS cams)
Title : ABUS TVIP 11550/21550 Multiple vulnerabilities and possibly other ABUS cams Author : Marco van Berkum - Summary - Arbitrary file read - Arbitrary file upload - Arbitrary command execution input validation bug - How it's totally compromised including ssh root login. - Summary The ABUS 11550...
CORE-2011-0106: Microsoft Publisher 2007 Pubconv.dll Memory Corruption
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - Corelabs Advisory http://corelabs.coresecurity.com/ Microsoft Publisher 2007 Pubconv.dll Memory Corruption 1. Advisory Information Title: Microsoft Publisher 2007 Pubconv.dll Memory Corruption Advisory ID: CORE-2011-0106...
iDefense Security Advisory 10.12.11: Apple MobileSafari Attachment Viewing Cross Site Scripting Vulnerability
iDefense Security Advisory 10.12.11 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 12, 2011 I. BACKGROUND MobileSafari is Apple's mobile web browser for iOS devices. For more information about MobileSafari, please visit the following website:...
APPLE-SA-2011-10-12-2 Apple TV Software Update 4.4
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-10-12-2 Apple TV Software Update 4.4 Apple TV Software Update 4.4 is now available and addresses the following: Apple TV Available for: Apple TV 4.0 through 4.3 Impact: An attacker with a privileged network position may intercept user...
NGS00062 Technical Advisory: Apple OSX / iPhone ImageIO TIFF getBandProcTIFF TileWidth Heap Overflow
======= Summary ======= Name: Apple OSX / iPhone iOS ImageIO TIFF getBandProcTIFF TileWidth Heap Overflow Reference: NGS00062 Discoverer: Dominic Chell [email protected] Vendor: Apple Vendor Reference: 145575681 Systems Affected: Apple OSX / iPhone iOS / Possibly others using LibTiff...
SEC Consult SA-20111012-0 :: Client-side remote file upload & command execution in Microsoft Forefront UAG Remote Access Agent (CVE-2011-1969)
SEC Consult Vulnerability Lab Security Advisory 20111012-0 title: Client-side remote file upload & command execution product: Microsoft Forefront Unified Access Gateway Remote Access Agent signed Java applet vulnerable versio...
[USN-1226-1] Samba vulnerabilities
Ubuntu Security Notice USN-1226-1 October 04, 2011 samba vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: -...
Two Remote Code Execution Vulnerabilities in Internet Explorer
Vulnerability 1: Internet Explorer Select Element Remote Code Execution Original advisory: http://ifsec.blogspot.com/2011/10/internet-explorer-select-element-remote.html I. OVERVIEW There is a vulnerability in Internet Explorer which enables execution of arbitrary code if the user visits a web pa...
iDefense Security Advisory 10.12.11: Apple Mobile OfficeImport Framework Word Document Parsing Memory Corruption Vulnerability
iDefense Security Advisory 10.12.11 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 12, 2011 I. BACKGROUND The OfficeImport framework is an API used by Apple's mobile devices, including the iPod Touch, iPhone, and iPad. The framework is used to parse and display Microsoft Office file...
iDefense Security Advisory 10.11.11: Microsoft Internet Explorer Object Handling Memory Corruption Vulnerability
iDefense Security Advisory 10.11.11 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 11, 2011 I. BACKGROUND Internet Explorer is a graphical web browser developed by Microsoft Corp. that has been included with Microsoft Windows since 1995. For more information about Internet Explorer,...
Quassel IRC client weak permissions
Weak permissions for user's files and directories...
Apple Safari / WebKit multiple security vulnerabilities
Cross-site scripting, multiple memory corruption, code execution...
APPLE-SA-2011-10-12-6 Numbers for iOS v1.5
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-10-12-6 Numbers for iOS v1.5 Numbers for iOS v1.5 is now available and addresses the following: Numbers Available for: iOS Impact: Opening a maliciously crafted Excel file may lead to an unexpected application termination or arbitrary co...
APPLE-SA-2011-10-12-4 Safari 5.1.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-10-12-4 Safari 5.1.1 Safari 5.1.1 is now available and addresses the following: Safari Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.2, OS X Lion Server v10.7.2, Windows 7, Vista, XP SP2 or later Impact:...
APPLE-SA-2011-10-12-5 Pages for iOS v1.5
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-10-12-5 Pages for iOS v1.5 Pages for iOS v1.5 is now available and addresses the following: Pages Available for: iOS Impact: Opening a maliciously crafted Microsoft Word document may lead to an unexpected application termination or...
APPLE-SA-2011-10-12-1 iOS 5 Software Update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-10-12-1 iOS 5 Software Update iOS 5 Software Update is now available and addresses the following: CalDAV Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch 3rd generation and later, iOS...
[USN-1230-1] Quassel vulnerability
Ubuntu Security Notice USN-1230-1 October 14, 2011 quassel vulnerability A security issue affects these releases of Ubuntu and its derivatives: -...
Microsoft Host Integration Server DoS
Uninitialized pointer dereference, endless loop...
Microsoft .Net / Silverlight code execution
It's possible to escape from sandbox...
Microsoft Windows multiple security vulnerabilities
Active Accessibility and Media Center insecure DLL loading...
PHP multiple security vulnerabilities
Memory corruptions in different functions...
[ MDVSA-2011:144 ] apache
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:144 http://www.mandriva.com/security/ Package : apache Date : September 8, 2011 Affected: 2009.0, 2010.1, 2011., Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and corrected i...
[ GLSA 201110-06 ] PHP: Multiple vulnerabilities
Gentoo Linux Security Advisory GLSA 201110-06 http://security.gentoo.org/ Severity:...
Google Chrome security vulnerabilities
Memory corruption on WebKit functions...
Cisco Network Admission Control Manager directory traversal
HTTPS directory traversal...
rpm multiple security vulnerabilities
Multiple vulnerabilities on RPM file header parsing...
OpenOffice multiple security vulnerabilities
Multiple memory corruptions on .doc files import...
quagga route daemon multiple security vulnerabilities
Multiple memory corruptions on OSPF and BGP packets parsing...
Autonomy Keyview multiple security vulnerabilities
Memory corruption, integer overflow, buffer overflow...
VMWare buffer overflow
Buffer overflow on UDF file system import...
cyrus-imapd nntp server security vulnerabilities
Buffer overflow, authentication bypass...
UI spoofing in different QT applications
Using Qt QLabel class to display security critical information allows interface spoofing...
Cisco ASA / Cisco FSM multiple security vulnerabilities
Multiple vulnerabilities in MSN, ILS and Sun RPC parsing, authentication bypass in TACACS+...
ark archiver directory traversal
Directory traversal during archive extraction...
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module Advisory ID: cisco-sa-20111005-fwsm Revision 1.0 For Public Release 2011 October 05 1600 UTC GMT...
Low severity flaw in various applications including KSSL, Rekonq, Arora, Psi IM
I recently discovered that various Qt applications including KSSL the KDE class library responsible for SSL negotiation, Rekonq, Arora and Psi IM are vulnerable to UI spoofing due to their use of QLabel objects to render externally controlled security critical information. The primary area of...
Secunia Research: Autonomy Keyview Ichitaro Text Parsing Buffer Overflow
Secunia Research 07/10/2011 - Autonomy Keyview Ichitaro Text Parsing Buffer Overflow - Table of Contents Affected...
Secunia Research: Autonomy Keyview Ichitaro Object Reconstruction Logic Vulnerability
Secunia Research 07/10/2011 - Autonomy Keyview Ichitaro Object Reconstruction Logic Vulnerability - Table of Contents Affected...
VUPEN Security Research - Google Chrome WebKit Engine Child Tag Deletion Stale Pointer Vulnerability
VUPEN Security Research - Google Chrome WebKit Engine Child Tag Deletion Stale Pointer Vulnerability Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Google Chrome is a web browser developed by Google that uses the WebKit...
[SECURITY] [DSA 2316-1] quagga security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Debian Security Advisory DSA-2316-1 [email protected] http://www.debian.org/security/ Florian Weimer October 05, 2011 http://www.debian.org/security/faq -...
Cisco Security Advisory: Directory Traversal Vulnerability in Cisco Network Admission Control Manager
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Directory Traversal Vulnerability in Cisco Network Admission Control Manager Advisory ID: cisco-sa-20111005-nac Revision 1.0 For Public Release 2011 October 05 1600 UTC GMT...