-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ESA-2013-035: EMC Avamar Client Improper Certificate Validation Vulnerability
EMC Identifier: ESA-2013-035
CVE Identifier: CVE-2013-0945
Severity Rating: CVSS v2 Base Score: 7.6 (AV:N/AC:H/Au:N/C:C/I:C/A:C)
Affected products:
EMC Avamar C
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ESA-2013-028: EMC NetWorker Elevation of Privilege Vulnerability
EMC Identifier: ESA-2013-028
EMC Identifier: NW147983
CVE Identifier: CVE-2013- 0940
Severity Rating: CVSS v2 Base Score: 6.8 (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Affected products:
EMC
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ESA-2013-034: EMC Avamar Improper Authorization vulnerability
EMC Identifier: ESA-2013-034
CVE Identifier: CVE-2013-0944
Severity Rating: CVSS v2 Base Score: 7.5 (AV:N/AC:M/Au:S/C:C/I:P/A:P)
Affected products:
EMC Avamar Server 5.x
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2664-1 secur...@debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
May 2, 2013
High Risk Vulnerability in Oracle Database 11g
1 May 2013
Andy Davis of NCC Group has discovered a High risk vulnerability in Oracle
Database 11g
Impact: Null Pointer Dereference (Remote DoS)
Versions affected: Oracle Database 11g
Security patch information can be found at the following URL
High Risk Vulnerability in Oracle Database 11g
1 May 2013
Andy Davis of NCC Group has discovered a High risk vulnerability in Oracle
Database 11g
Impact: Invalid pointer read (Remote DoS)
Versions affected: Oracle Database 11g
Security patch information can be found at the following URL:
ht
High Risk Vulnerability in Oracle Retail Integration Bus Manager
1 May 2013
Andrew Davies of NCC Group has discovered a High risk vulnerability in Oracle
Retail Integration Bus Manager
Impact: Directory traversal
Versions affected: Oracle Retail Integration Bus, versions 13.0, 13.1, 13.2
Se
High Risk Vulnerability in Oracle Retail Central Office
1 May 2013
Andrew Davies of NCC Group has discovered a High risk vulnerability in Oracle
Retail Central Office
Impact: SQL Injection
Versions affected: Oracle Retail Central Office, versions 13.1, 13.2, 13.3,
13.4
Security patch infor
The WordPress plugin Advanced XML Reader v0.3.4 published here:
http://wordpress.org/extend/plugins/advanced-xml-reader/ is susceptible to XXE
(XML eXternal Entity) processing attacks.
After installing the plugin on a Windows machine, I created a text file in the
root of C:\ named "test.txt", w