Hello All,
According to Oracle's Java security head, the company has
recently made very significant security improvements to
Java, such as to prevent silent exploits. The problem is
that people don't understand those features yet [1].
Starting from Java SE 7 Update 10 released in Oct 2012, a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2013:005
http://www.mandriva.com/security/
Title:
==
nCircle PureCloud Vulnerability Scanner - Multiple Web Vulnerabilities
Date:
=
2013-01-28
References:
===
http://www.vulnerability-lab.com/get_content.php?id=795
nCircle Tracking ID: 20130117-US11337
VL-ID:
=
795
Common Vulnerability Scoring System:
Title:
==
Fortinet FortiMail 400 IBE - Multiple Web Vulnerabilities
Date:
=
2013-01-23
References:
===
http://www.vulnerability-lab.com/get_content.php?id=701
VL-ID:
=
701
Common Vulnerability Scoring System:
7.1
Introduction:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ESA-2013-010: EMC AlphaStor Buffer Overflow Vulnerability
EMC Identifier: ESA-2013-010
EMC Identifier: NW147263
CVE Identifier: CVE-2013-0930
Severity Rating: CVSS v2 Base Score: 7.6 (AV:N/AC:H/Au:N/C:C/I:C/A:C)
Affected product:
EMC
Title:
==
Kohana Framework v2.3.3 - Directory Traversal Vulnerability
Date:
=
2013-01-27
References:
===
http://www.vulnerability-lab.com/get_content.php?id=841
VL-ID:
=
837
Common Vulnerability Scoring System:
7.1
Introduction:
--
DataLife Engine 9.7 (preview.php) PHP Code Injection Vulnerability
--
• Software Link:
http://dleviet.com/
• Affected Version:
9.7 only.
• Vulnerability
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2013-01-28-1 iOS 6.1 Software Update
iOS 6.1 Software Update is now available and addresses the following:
Identity Services
Available for: iPhone 3GS and later,
iPod touch (4th generation) and later, iPad 2 and later
Impact:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2013-01-28-2 Apple TV 5.2
Apple TV 5.2 is now available and addresses the following:
Apple TV
Available for: Apple TV 2nd generation and later
Impact: A user-mode process may be able to access the first page of
kernel memory
Description:
Hello dear XSS bored audience,
the PHP based social networking engine Elgg [1], versions 1.8.12 and
1.7.16 and earlier, bears a persistent script injection vulnerability in
its core module Twitter widget, which allows for XSS attacks.
On installations which have the Twitter widget activated
1. OVERVIEW
Adobe Reader XI versions are vulnerable to a heap overflow
2. BACKGROUND
Adobe Reader software is the free trusted standard for reliably viewing,
printing, and annotating PDF documents. It's the only PDF file viewer that can
open and interact with all types of PDF content,
11 matches
Mail list logo