==
Secunia Research 2016/11/10
Microsoft Windows OTF Parsing Table Encoding Record Offset
Vulnerability
==
CVE-2016-6809 – Arbitrary Code Execution Vulnerability in Apache Tika’s MATLAB
Parser
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected: 1.6-1.13
Description: Apache Tika wraps the jmatio parser
(https://github.com/gradusnikov/jmatio) to handle MATLAB files.
==
Secunia Research 2016/11/10
Oracle Outside In "GetTxObj()" Use-After-Free Vulnerability
==
Table of Contents
Affected
==
Secunia Research 2016/11/10
Oracle Outside In "VwStreamRead()" Buffer Overflow Vulnerability
==
Table of Contents
Affected
Throughout November, I plan to release details on vulnerabilities I
found in web-browsers which I've not released before. This is the
eighth entry in that series, although this particular vulnerability does
not just affect web-browsers, but all applications that use WININET to
make HTTP requests.
Document Title:
===
Blind SQL Injection Vulnerability in Exponent CMS 2.4.0
References (Source):
https://exponentcms.lighthouseapp.com/projects/61783/tickets/1394-blind-sql-injection-vulnerability-in-exponent-cms-240-4
Throughout November, I plan to release details on vulnerabilities I
found in web-browsers which I've not released before. This is the
seventh entry in that series.
The below information is available in more detail on my blog at
http://blog.skylined.nl/20161109001.html. There you can find a repro