[slackware-security] pidgin (SSA:2012-195-02)

2012-07-16 Thread Slackware Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [slackware-security] pidgin (SSA:2012-195-02) New pidgin packages are available for Slackware 12.2, 13.0, 13.1, 13.37, and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: +--+

[slackware-security] php (SSA:2012-195-01)

2012-07-16 Thread Slackware Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [slackware-security] php (SSA:2012-195-01) New php packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog:

Google Chrome 19 metro_driver.dll mishandling

2012-07-16 Thread moshez
Security Advisory - Google Chrome 19 metro_driver.dll mishandling Summary : Google Chrome 19 is prone to unqualified DLL loading Date : 28 June 2012 Affected versions : Google Chrome v19.0.1084.21 up-to

Event Calendar PHP 1.2 - Multiple Web Vulnerabilites

2012-07-16 Thread Research
Title: == Event Calendar PHP 1.2 - Multiple Web Vulnerabilites Date: = 2012-06-19 References: === http://www.vulnerability-lab.com/get_content.php?id=607 VL-ID: = 607 Common Vulnerability Scoring System: 7.1 Introduction:

VamCart v0.9 CMS - Multiple Web Vulnerabilities

2012-07-16 Thread Research
Title: == VamCart v0.9 CMS - Multiple Web Vulnerabilities Date: = 2012-06-25 References: === http://www.vulnerability-lab.com/get_content.php?id=622 VL-ID: = 622 Common Vulnerability Scoring System: 4 Introduction: =

SMF Board v2.0.2 - Multiple Web Vulnerabilities

2012-07-16 Thread Research
Title: == SMF Board v2.0.2 - Multiple Web Vulnerabilities Date: = 2012-06-25 References: === http://www.vulnerability-lab.com/get_content.php?id=596 VL-ID: = 624 Common Vulnerability Scoring System: 4.1 Introduction: =

PBBoard v2.1.4 CMS - Multiple Web Vulnerabilities

2012-07-16 Thread Research
Title: == PBBoard v2.1.4 CMS - Multiple Web Vulnerabilities Date: = 2012-06-26 References: === http://www.vulnerability-lab.com/get_content.php?id=623 VL-ID: = 625 Common Vulnerability Scoring System: 4.5 Introduction:

Blackboard Mobile Learn v3.0 - Persistent Web Vulnerability

2012-07-16 Thread Research
Title: == Blackboard Mobile Learn v3.0 - Persistent Web Vulnerability Date: = 2012-05-29 References: === http://www.blackboard.com/Platforms/Learn/Overview.aspx VL-ID: = 580 Common Vulnerability Scoring System: 3.5 Introduction:

CakePHP 2.x-2.2.0-RC2 XXE Injection

2012-07-16 Thread pawel . wylecial
# Exploit title: CakePHP XXE injection # Date: 01.07.2012 # Software Link: http://www.cakephp.org # Vulnerable version: 2.x - 2.2.0-RC2 # Tested on: Windows and Linux # Author: Pawel Wylecial # http://h0wl.pl 1. Background Short description from the project website: CakePHP makes building web

libexif project security advisory July 12, 2012

2012-07-16 Thread Dan Fandrich
libexif project security advisory July 12, 2012 PROBLEM DESCRIPTION A number of remotely exploitable issues were discovered in libexif and exif, with effects ranging from information leakage to potential remote code execution. The issues are: CVE-2012-2812: A heap-based out-of-bounds array read

[security bulletin] HPSBGN02787 SSRT100876 rev.1 - HP AssetManager, Remote Cross Site Scripting (XSS) and Unauthorized Data Modification

2012-07-16 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c0340 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c0340 Version: 1 HPSBGN02787