[ MDVSA-2014:077 ] jbigkit

2014-04-15 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2014:077 http://www.mandriva.com/en/support/security/

[SECURITY] [DSA 2901-1] wordpress security update

2014-04-15 Thread Salvatore Bonaccorso
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-2901-1 secur...@debian.org http://www.debian.org/security/ Salvatore Bonaccorso April 12, 2014

[SECURITY] [DSA 2902-1] curl security update

2014-04-15 Thread Salvatore Bonaccorso
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-2902-1 secur...@debian.org http://www.debian.org/security/ Salvatore Bonaccorso April 13, 2014

Adobe Reader for Android exposes insecure Javascript interfaces

2014-04-15 Thread Securify B.V.
Adobe Reader for Android exposes insecure Javascript interfaces Yorick Koster, April 2014

[security bulletin] HPSBMU02995 rev.2 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and

2014-04-15 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04236102 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04236102 Version: 2 HPSBMU02995

[security bulletin] HPSBMU02994 rev.1 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information

2014-04-15 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04236062 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04236062 Version: 1 HPSBMU02994

[security bulletin] HPSBMU02998 rev.1 - HP System Management Homepage (SMH) running OpenSSL on Linux and Windows, Remote Disclosure of Information

2014-04-15 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04239372 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04239372 Version: 1 HPSBMU02998

[security bulletin] HPSBMU02997 rev.1 - HP Smart Update Manager (SUM) running OpenSSL, Remote Disclosure of Information

2014-04-15 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04239375 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04239375 Version: 1 HPSBMU02997

CVE-2013-6216 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in multiple HP products on Linux

2014-04-15 Thread Portcullis Advisories
Vulnerability title: SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in HP Array Configuration Utility, HP Array Diagnostics Utility, HP ProLiant Array Diagnostics and SmartSSD Wear Gauge Utility Running on Linux CVE: CVE-2013-6216 Vendor: HP Product: HP Array Configuration

PDF Album v1.7 iOS - File Include Web Vulnerability

2014-04-15 Thread Vulnerability Lab
Document Title: === PDF Album v1.7 iOS - File Include Web Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1255 Release Date: = 2014-04-11 Vulnerability Laboratory ID (VL-ID):

[SECURITY] [DSA 2903-1] strongswan security update

2014-04-15 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-2903-1 secur...@debian.org http://www.debian.org/security/ Yves-Alexis Perez April 14, 2014

VUPEN Security Research - Adobe Flash ExternalInterface Use-After-Free Code Execution (Pwn2Own)

2014-04-15 Thread VUPEN Security Research
VUPEN Security Research - Adobe Flash ExternalInterface Use-After-Free Code Execution (Pwn2Own) Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND - Adobe Flash Player is a cross-platform browser-based application runtime that delivers viewing

RUCKUS ADVISORY ID 041414: OpenSSL 1.0.1 library's Heart bleed vulnerability - CVE-2014-0160

2014-04-15 Thread Ruckus Product Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 RUCKUS ADVISORY ID 041414 Customer release date: April 14, 2014 Public release date: April 14, 2014 TITLE OpenSSL 1.0.1 library's Heart bleed vulnerability - CVE-2014-0160 SUMMARY OpenSSL library is used in Ruckus products to implement various

[SECURITY] CVE-2014-0111 Apache Syncope

2014-04-15 Thread Francesco Chicchiriccò
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 CVE-2014-0111: Remote code execution by an authenticated administrator Severity: Important Vendor: The Apache Software Foundation Versions Affected: Syncope 1.0.0 to 1.0.8 Syncope 1.1.0 to 1.1.6 Description: In the various places in which Apache

[security bulletin] HPSBST03001 rev.1 - HP XP P9500 Disk Array running OpenSSL, Remote Disclosure of Information

2014-04-15 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04240206 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04240206 Version: 1 HPSBST03001

[SECURITY] [DSA 2904-1] virtualbox security update

2014-04-15 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-2904-1 secur...@debian.org http://www.debian.org/security/Moritz Muehlenhoff April 15, 2014