-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA-2329-1 secur...@debian.org
http://www.debian.org/security/ Nico Golde
Oct 27th, 2011
Hi everyone,
We're happy to announce that the sixth annual SANS AppSec Summit will be
held in Las Vegas, Nevada on April 30 - May 1, 2012.
The theme for this conference is Application Security at Scale.
Billions of records in the cloud. Millions of smart mobile devices.
Millions of
ZDI-11-303 : Apple QuickTime H264 Stream frame_cropping Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-303
October 26, 2011
-- CVE ID:
CVE-2011-3219
-- CVSS:
7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
-- Affected Vendors:
Apple
-- Affected Products:
Apple
ZDI-11-304 : Apple Quicktime Advanced Audio Codec Frame Parsing Remote
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-304
October 26, 2011
-- CVE ID:
CVE-2011-3252
-- CVSS:
8.3, AV:N/AC:M/Au:N/C:P/I:P/A:C
-- Affected Vendors:
Apple
-- Affected Products:
ZDI-11-305 : Oracle Java Applet Rhino Script Engine Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-305
October 26, 2011
-- CVE ID:
CVE-2011-3544
-- CVSS:
9, AV:N/AC:L/Au:N/C:P/I:P/A:C
-- Affected Vendors:
Oracle
-- Affected Products:
Oracle Java
ZDI-11-306 : Oracle Java IIOP Deserialization Type Confusion Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-306
October 26, 2011
-- CVE ID:
CVE-2011-3521
-- CVSS:
9, AV:N/AC:L/Au:N/C:P/I:P/A:C
-- Affected Vendors:
Oracle
-- Affected Products:
Oracle
ZDI-11-307 : Oracle Java MixerSequencer.nAddControllerEventCallback
Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-307
October 26, 2011
-- CVE ID:
CVE-2011-3545
-- CVSS:
9, AV:N/AC:L/Au:N/C:P/I:P/A:C
-- Affected Vendors:
Oracle
-- Affected Products:
ZDI-11-308 : Cisco WebEx Player ATAS32.DLL linesProcessed Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-308
October 26, 2011
-- CVE ID:
CVE-2011-4004
-- CVSS:
9, AV:N/AC:L/Au:N/C:P/I:P/A:C
-- Affected Vendors:
Cisco
-- Affected Products:
Cisco WebEx
ZDI-11-309 : Novell iPrint Client nipplib.dll GetDriverSettings Remote
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-309
October 26, 2011
-- CVE ID:
CVE-2011-3173
-- CVSS:
7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
-- Affected Vendors:
Novell
-- Affected Products:
ZDI-11-310 : Adobe Reader Compound Glyph Index Sign Extension Remote
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-310
October 26, 2011
-- CVE ID:
CVE-2011-2441
-- CVSS:
7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
-- Affected Vendors:
Adobe
-- Affected Products:
Adobe
Title
-
DDIVRT-2011-35 Cisco Unified Contact Center Express Directory Traversal
[CVE-2011-3315]
Severity
High
Date Discovered
---
August 9, 2011
Discovered By
-
Digital Defense, Inc. Vulnerability Research Team
Credit: r@b13$
Vulnerability Description
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201110-24
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201110-25
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201110-26
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2011-10-26-1 QuickTime 7.7.1
QuickTime 7.7.1 is now available and addresses the following:
QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application
Foofus.net Security Advisory: foofus-20111026
Title: Toshiba eStudio Multifunction Printer Information Leakage
Version: e-Studio
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2330-1 secur...@debian.org
http://www.debian.org/security/ Thijs Kinkhorst
October 27, 2011
ZDI-11-311 : Apple Quicktime Empty URL Data Handler Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-311
October 27, 2011
-- CVE ID:
CVE-2011-3220
-- CVSS:
9, AV:N/AC:L/Au:N/C:P/I:P/A:C
-- Affected Vendors:
Apple
-- Affected Products:
Apple Quicktime
ZDI-11-313 : Apple QuickTime FLC RLE Packet Count Decompression Remote
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-313
October 27, 2011
-- CVE ID:
CVE-2011-3223
-- CVSS:
9, AV:N/AC:L/Au:N/C:P/I:P/A:C
-- Affected Vendors:
Apple
-- Affected Products:
Apple
ZDI-11-312 : Apple QuickTime Atom Hierarchy Argument Size Mismatch
Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-312
October 27, 2011
-- CVE ID:
CVE-2011-3221
-- CVSS:
7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
-- Affected Vendors:
Apple
-- Affected Products:
ZDI-11-314 : Apple Quicktime PnPixPat PatType 3 Parsing Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-314
October 27, 2011
-- CVE ID:
CVE-2011-3247
-- CVSS:
7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
-- Affected Vendors:
Apple
-- Affected Products:
Apple
ZDI-11-315 : Apple QuickTime FLC Delta Decompression Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-315
October 27, 2011
-- CVE ID:
CVE-2011-3249
-- CVSS:
9, AV:N/AC:L/Au:N/C:P/I:P/A:C
-- Affected Vendors:
Apple
-- Affected Products:
Apple Quicktime
ZDI-11-316 : Apple QuickTime H264 Matrix Conversion Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-316
October 27, 2011
-- CVE ID:
CVE-2011-3251
-- CVSS:
7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
-- Affected Vendors:
Apple
-- Affected Products:
Apple Quicktime
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03070783
Version: 1
HPSBUX02719 SSRT100658 rev.1 - HP-UX Running BIND, Remote Denial of Service
(DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon
as
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03057703
Version: 2
HPSBUX02715 SSRT100623 rev.2 - HP-UX Containers (SRP), Local Unauthorized
Access and Increased Privileges
NOTICE: The information in this Security Bulletin should be acted
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
VMware Security Advisory
Advisory ID: VMSA-2011-0013
Synopsis: VMware third party component updates for VMware vCenter
Server, vCenter
On Sun, Oct 23, 2011 at 01:06:07AM +0200, muuratsalo experimental hack lab
wrote:
jara 1.6 sql injection vulnerability
download http://sourceforge.net/projects/jara/files/v1.6/jarav16.zip
author muuratsalo
contact muuratsalo[at]gmail.com
exploit
--
(PT-2011-20) Positive Technologies Security Advisory
Authorization bypass vulnerability in OneOrZero AIMS
--
---[Vulnerable software]
--
(PT-2011-21) Positive Technologies Security Advisory
SQL injection vulnerability in OneOrZero AIMS
--
---[Vulnerable software]
--
(PT-2011-29) Positive Technologies Security Advisory
Arbitrary file reading and arbitrary code execution in Router Manager for
D-Link DIR-300.
--
--
(PT-2011-30) Positive Technologies Security Advisory
Disclosure of sensitive information in D-Link DIR-300 Router
--
---[Vulnerable software]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2323-1 secur...@debian.org
http://www.debian.org/security/ Yves-Alexis Perez
October 26, 2011
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA-2331-1 secur...@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
October 28, 2011
eFront = 3.6.10 (build 11944) Multiple Security Vulnerabilities
author.: EgiX
mail...: n0b0d13s[at]gmail[dot]com
software
Hello,
This is Paul Oxman with Cisco PSIRT.
Please confirms the vulnerability reported by Peter Adkins,
and has published an Intellishield response
http://tools.cisco.com/security/center/viewAlert.x?alertId=24458
Additional information below. For current updates to Cisco PSIRT
response,