Document Title:
===
Microsoft Online, Office Cloud - Persistent Encoding Vulnerabilities
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=806
Microsoft Security Response Center (MSRC) ID: 14090
Microsoft Security Response Center (MSRC)
We have the DOWNSTAIRS bar at The Phoenix, Cavendish Square from 18:00
until the bar closes (~23:00)
Agenda:
Drinking beer and/or other beverages.
Swapping war stories.
Drinking more beer.
Eating yummy food, pre-order Christmas menu details here -
SektionEins GmbH
www.sektioneins.de
-= Security Advisory =-
Advisory: PHP openssl_x509_parse() Memory Corruption Vulnerability
Release Date: 2013/12/13
Last Modified: 2013/12/13
Author: Stefan Esser
Hello Bugtraq readers, the CFP for YSTS 8 is now opened.
==
YSTS 8th Edition
Sao Paulo, Brazil
April 14th, 2014
Call for Papers Opens: December 13th, 2013
Call for Papers Close: February 1st, 2014
http://www.ysts.org
@ystscon
INTRODUCTION
After 7 very successful editions here
2sd World Conference on Information Systems and Technologies - WorldCIST'14
April 15-18, 2014, Madeira Island, Portugal
http://www.aisti.eu/worldcist14/
Submission deadline: December 29
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2817-1 secur...@debian.org
http://www.debian.org/security/ Luciano Bello
December 14, 2013
Author: Jakub Zoczek [zoc...@gmail.com]
CVE Reference: CVE-2013-7032
Product: LiveZilla
Vendor: LiveZilla GmbH [http://livezilla.net]
Affected version: 5.1.2.0
Severity: Medium
CVSSv2 Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Status: Fixed
0x01 Background
LiveZilla, the widely-used and trusted
Author: Jakub Zoczek [zoc...@gmail.com]
CVE Reference: CVE-2013-7033
Product: LiveZilla
Vendor: LiveZilla GmbH [http://livezilla.net]
Affected version: 5.1.2.0
Severity: Medium
CVSSv2 Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Status: Partly fixed
0x01 Background
LiveZilla, the widely-used and
Title: Bio Basespace SDK 0.1.7 Ruby Gem exposes API Key via command line
Date: 11/15/2013
Author: Larry W. Cashdollar, @_larry0
Download: http://rubygems.org/gems/bio-basespace-sdk
Description:
BaseSpace Ruby SDK is a Ruby based Software Development Kit to be used in the
development of Apps
Title: Command injection vulnerability in Ruby Gem sprout 0.7.246
Date: 11/14/2013
Download: http://rubygems.org/gems/sprout, http://projectsprouts.org/
Vulnerability:
The unpack_zip() function contains the following code:
sprout-0.7.246/lib/sprout/archive_unpacker.rb
60 zip_dir =
Author: Jakub Zoczek [zoc...@gmail.com]
CVE Reference: CVE-2013-7034
Product: LiveZilla
Vendor: LiveZilla GmbH [http://livezilla.net]
Affected version: 5.1.2.0
Severity: Medium
CVSSv2 Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)
Status: Fixed
0x01 Background
LiveZilla, the widely-used and trusted
Title: Command injection in Ruby Gem Webbynode 1.0.5.3
Date: 11/11/2013
Author: Larry W. Cashdollar, @_larry0
Download: http://rubygems.org/gems/webbynode
Vulnerability Description:
The following code located in: ./webbynode-1.0.5.3/lib/webbynode/notify.rb
doesn't fully sanitize user
Document Title:
===
Phone Drive Eightythree 4.1.1 iOS - Multiple Vulnerabilities
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1168
Release Date:
=
2013-12-11
Vulnerability Laboratory ID (VL-ID):
Advisory ID: HTB23183
Product: Bitrix Site Manager
Vendor: Bitrix, Inc
Vulnerable Version(s): 12.5.13 and probably prior
Tested Version: 12.5.13
Advisory Publication: November 6, 2013 [without technical details]
Vendor Notification: November 6, 2013
Vendor Patch: November 12, 2013
Public
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-2818-1 secur...@debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
December 16, 2013
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04045640
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04045640
Version: 1
HPSBHF02953
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2819-1 secur...@debian.org
http://www.debian.org/security/Moritz Muehlenhoff
December 16, 2013
Advisory ID: HTB23186
Product: MijoSearch
Vendor: Mijosoft
Vulnerable Version(s): 2.0.1 and probably prior
Tested Version: 2.0.1
Advisory Publication: November 25, 2013 [without technical details]
Vendor Notification: November 25, 2013
Public Disclosure: December 16, 2013
Vulnerability Type:
18 matches
Mail list logo