47153 matches found
Unauthenticated command execution on Netgear DGN devices
Unauthenticated command execution on Netgear DGN devices ======================================================== ADVISORY INFORMATION Title: Unauthenticated command execution on Netgear DGN devices Discovery date: 01/05/2013 Release date: 31/05/2013 Credits: Roberto Paleari [email protected],...
Imperva SecureSphere Operations Manager version 9.0.0.5 - Multiple issues
Original: http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt =============================== - Advisory - =============================== Tittle: Imperva SecureSphere Operations Manager - Command Execution Post Authentication & Minor issues Risk: High Date: 27.May.2013...
DS3 Authentication Server - Multiple Issues
Original: http://www.digitalsec.net/stuff/explt+advs/DS3.AuthServer.txt =============================== - Advisory - =============================== Tittle: DS3 Authentication Server - Command Execution Post Authentication & other minor issues Risk: High Date: 27.May.2013 Author: Pedro Andujar .:...
Microsoft Security Essentials outdated libraries
Outdated runtime libraries with known vulnerabilities are installed in Windows XP / 2003...
Sketchup multiple security vulnerabilities
Vulnerabilities on SKP, BMP, PICT parsing...
MIT Kerberos 5 DoS
Server sends response to response, it makes it possible to loop packets between two servers...
CVE-2013-3662 - Sketchup MAC Pict Material Palette Stack Corruption
If you are still using an old version of SketchUp8M2 you should upgrade it. Title: Sketchup MAC Pict Material Palette Stack Corruption Product: Google SketchUp Advisory ID: BINA-20111201 CVE ID: CVE-2013-3662 Class: Boundary Error Condition Buffer Overflow Vulnerability class: Client side/ file...
CVE-2013-3664 - Sketchup Multiple Vulnerabilities
Well, you should upgrade SketchUp to the last version 2 bugs here. ================================================================= ================================================================= Title: Sketchup MAC Pict Material Palette Stack Corruption Product: Trimble SketchUp Advisory ID:...
CVE-2013-3663 - SketchUp BMP RLE8 Heap Overflow
If you are still using a not so old version of SketchUp8M3 you should upgrade it... Title: SketchUp BMP RLE8 Heap Overflow Product: Google SketchUp Advisory ID: BINA-20120523 CVE ID: CVE-2013-3663 Class: Boundary Error Condition Buffer Overflow Vulnerability class: Client side/ file format...
[USN-1844-1] Linux kernel vulnerability
========================================================================== Ubuntu Security Notice USN-1844-1 May 30, 2013 linux vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...
[USN-1849-1] Linux kernel (Raring HWE) vulnerability
========================================================================== Ubuntu Security Notice USN-1849-1 May 31, 2013 linux-lts-raring vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...
[ MDVSA-2013:171 ] gnutls
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:171 http://www.mandriva.com/en/support/security/ Package : gnutls Date : May 30, 2013 Affected: Enterprise Server 5.0 Problem Description: A vulnerability has been discovered and corrected in gnutls: A flaw...
[SECURITY] [DSA 2686-1] libxcb security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2686-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2676-1] libxfixes security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2676-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2674-1] libxv security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2674-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2675-2] libxvmc regression update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2675-2 [email protected] http://www.debian.org/security/ Thijs Kinkhorst May 24, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2681-1] libxcursor security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2681-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2685-1] libxp security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2685-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2684-1] libxrandr security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2684-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
VUPEN Security Research - Microsoft Internet Explorer 10-9 Object Confusion Sandbox Bypass (MS13-037 / Pwn2Own)
VUPEN Security Research - Microsoft Internet Explorer 10-9 Object Confusion Sandbox Bypass MS13-037 / Pwn2Own Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included as...
Microsoft Office multiple security vulnerabilities
Multiple buffer overflows, integer overflows, memory corruptions, etc...
[SECURITY] [DSA 2682-1] libxext security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2682-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2675-1] libxvmc security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2675-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2680-1] libxt security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2680-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2691-1] libxinerama security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2691-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2687-1] libfs security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2687-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2678-1] mesa security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2678-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
[USN-1833-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-1833-1 May 24, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...
Linux kernel multiple security vulnerabilities
Privilege escalation via suid-process output redirection, unix sockets privilege escalation, UDF and ISO filesystem drivers information leakage, i915 driver memory corruption, multiple KVM vulnerabilities, ext3 driver privilege escalation, netlink information leakages...
[SECURITY] [DSA 2677-1] libxrender security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2677-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
Microsoft Visio information leakage
Information leakage via external XML entities...
APPLE-SA-2013-05-16-1 iTunes 11.0.3
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-05-16-1 iTunes 11.0.3 iTunes 11.0.3 is now available and addresses the following: iTunes Available for: Mac OS X v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: An attacker in a privileged network position may manipulate HTTP...
[security bulletin] HPSBUX02881 SSRT101189 rev.1 - HP-UX Directory Server, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03772083 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03772083 Version: 1 HPSBUX02881...
Apple QuickTime multiple security vulnerabilities
Memory corruptions on different formats and protocols parsing...
Microsoft Windows Essentials information leakage
Microsoft Writer invalid URL handling...
Apple iTunes multiple security vulnerabilities
Certificate validation vulnerability, multiple memory corruptions...
[SECURITY] [DSA 2690-1] libxxf86dga security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2690-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2692-1] libxxf86vm security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2692-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
Microsoft Lync code execution
Use-after-free vulnerability...
[SECURITY] [DSA 2688-1] libxres security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2688-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
HP-UX Directory Server informaton leakage
No description provided...
Microsoft Windows multiple security vulnerabilities
http.sys DoS, multiple kernel privilege escalations, .Net signature spoofing and authorization bypass...
[SECURITY] [DSA 2679-1] xserver-xorg-video-openchrome security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2679-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2689-1] libxtst security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2689-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 VML Remote Integer Overflow (MS13-037 / Pwn2Own)
VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 VML Remote Integer Overflow MS13-037 / Pwn2Own Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included a...
Microsoft Internet Explorer multiple security vulnerabilities
Information leakage, multiple use-after-free vulnerabilities...
[SECURITY] [DSA 2683-1] libxi security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2683-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
APPLE-SA-2013-05-22-1 QuickTime 7.7.4
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-05-22-1 QuickTime 7.7.4 QuickTime 7.7.4 is now available and addresses the following: QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Opening a maliciously crafted TeXML file may lead to an unexpected application...
[SECURITY] [DSA 2673-1] libdmx security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2673-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2013 http://www.debian.org/security/faq -...
SEC Consult SA-20130507-0 :: Multiple vulnerabilities in NetApp OnCommand System Manager
SEC Consult Vulnerability Lab Security Advisory 20130507-0 ======================================================================= title: Multiple vulnerabilities product: NetApp OnCommand System Manager vulnerable version: = 2.1 and =2.0.2 fixed version: 2.2 only XSS fixed CVE: CVE-2013-3320 XSS...