FundaciĆ³n Dr. Manuel Sadosky - Programa STIC Advisory
www.fundacionsadosky.org.ar
Heap memory corruption in ASN.1 parsing code generated by Objective
Systems Inc. ASN1C compiler for C/C++
1. *Advisory Information*
Title: Heap memory corruption in ASN.1
Multiple SQL injection vulnerabilities in WordPress Video Player
David Vaartjes & Yorick Koster, July 2016
Cross-Site Request Forgery in Icegram WordPress Plugin
Yorick Koster, July 2016
Multiple Cross-Site Scripting vulnerabilities in Ninja Forms WordPress
Plugin
Han Sahin, July 2016
Hi @ll,
eclipse-inst-win32.exe (and of course eclipse-inst-win64.exe
too) loads and executes multiple DLLs (in version 4.5 also
CMD.EXE) from its "application directory".
* version 4.5 ("Mars") on Windows 7:
UXTheme.dll, WindowsCodecs.dll, AppHelp.dll, SrvCli.dll,
Slc.dll, NTMarta.dll,
Document Title:
===
Django CMS v3.3.0 - (Editor Snippet) Persistent Web Vulnerability
(CVE-2016-6186)
References (Source):
http://www.vulnerability-lab.com/get_content.php?id=1869
Security Release:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-07-18-6 iTunes 12.4.2
iTunes 12.4.2 for Windows is now available and addresses the following:
libxml2
Impact: Multiple vulnerabilities in libxml2
Description: Multiple memory corruption issues were addressed
through improved memory
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-07-18-5 Safari 9.1.2
Safari 9.1.2 is now available and addresses the following:
WebKit
Available for: OS X El Capitan v10.11.6
Impact: Visiting a malicious website may disclose image data from
another website
Description: A timing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-07-18-4 tvOS 9.2.2
tvOS 9.2.2 is now available and addresses the following:
CoreGraphics
Available for: Apple TV (4th generation)
Impact: A remote attacker may be able to execute arbitrary code
Description: A memory corruption
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-07-18-3 watchOS 2.2.2
watchOS 2.2.2 is now available and addresses the following:
CoreGraphics
Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition,
and Apple Watch Hermes
Impact: A remote attacker may be able to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-07-18-2 iOS 9.3.3
iOS 9.3.3 is now available and addresses the following:
Calendar
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A maliciously crafted calendar invite may cause
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update
2016-004
OS X El Capitan v10.11.6 and Security Update 2016-004 is now
available and addresses the following:
apache_mod_php
Available for:
OS X Yosemite v10.10.5 and OS X El
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3622-1 secur...@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
July 18, 2016
13 matches
Mail list logo