LiveZilla 5.3.0.7 Security Issue

2014-10-15 Thread sourav . infosec
I had reported few xss issues on LiveZilla 5.3.0.7 . They fixed it properly and informed me. Now latest build is 5.3.0.8 / 2014-09-25. http://changelog.livezilla.net/ Can you help me regarding CVE. I can send you the vulnerability details.

[SECURITY] [DSA 3049-1] wireshark security update

2014-10-15 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-3049-1 secur...@debian.org http://www.debian.org/security/Moritz Muehlenhoff October 14, 2014

[SE-2014-01] Breaking Oracle Database through Java exploits (details)

2014-10-15 Thread Security Explorations
Hello All, Oracle Oct 2014 CPU addresses 22 security issues affecting Java VM implementation embedded in Oracle Database software. We have published details of the fixed issues and a description of some privilege elevation techniques abusing a complete Java security sandbox bypass condition

PayPal Inc BB #98 MOS - Persistent Settings Vulnerability

2014-10-15 Thread Vulnerability Lab
Document Title: === PayPal Inc BB #98 MOS - Persistent Settings Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=983 Release Date: = 2014-10-13 Vulnerability Laboratory ID (VL-ID):

PayPal Inc #90 PDF Mailer - Buffer Overflow Vulnerability

2014-10-15 Thread Vulnerability Lab
Document Title: === PayPal Inc #90 PDF Mailer - Buffer Overflow Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=940 http://www.vulnerability-lab.com/get_content.php?id=1274 Release Date: = 2014-10-02

Indeed Job Search 2.5 iOS API - Multiple Vulnerabilities

2014-10-15 Thread Vulnerability Lab
Document Title: === Indeed Job Search 2.5 iOS API - Multiple Vulnerabilities References (Source): http://www.vulnerability-lab.com/get_content.php?id=1303 Release Date: = 2014-10-13 Vulnerability Laboratory ID (VL-ID):

Paypal Inc MultiOrderShipping API - Filter Bypass Persistent XML Vulnerability

2014-10-15 Thread Vulnerability Lab
Document Title: === Paypal Inc MultiOrderShipping API - Filter Bypass Persistent XML Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1129 PayPal Security UID: TM13a2uL Release Date: = 2014-10-14

Multiple Cross-Site Scripting (XSS) in WP Google Maps WordPress Plugin

2014-10-15 Thread High-Tech Bridge Security Research
Advisory ID: HTB23236 Product: WP Google Maps WordPress plugin Vendor: WP Google Maps Vulnerable Version(s): 6.0.26 and probably prior Tested Version: 6.0.26 Advisory Publication: September 24, 2014 [without technical details] Vendor Notification: September 24, 2014 Vendor Patch: September 29,

Reflected Cross-Site Scripting (XSS) in MaxButtons WordPress Plugin

2014-10-15 Thread High-Tech Bridge Security Research
Advisory ID: HTB23237 Product: MaxButtons WordPress plugin Vendor: Max Foundry Vulnerable Version(s): 1.26.0 and probably prior Tested Version: 1.26.0 Advisory Publication: September 24, 2014 [without technical details] Vendor Notification: September 24, 2014 Vendor Patch: October 2, 2014

SEC Consult SA-20141015-0 :: Potential Cross-Site Scripting in ADF Faces

2014-10-15 Thread SEC Consult Vulnerability Lab
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SEC Consult Vulnerability Lab Security Advisory 20141015-0 === title: Potential Cross-Site Scripting product: ADF Faces vulnerable version: 12.1.2.0