[FD] SwiftMailer <= 5.4.5-DEV Remote Code Execution (CVE-2016-10074)

2016-12-29 Thread Dawid Golunski
Vulnerability: SwiftMailer <= 5.4.5-DEV Remote Code Execution (CVE-2016-10074)
Discovered by: Dawid Golunski (@dawid_golunski)
https://legalhackers.com
Severity: CRITICAL
Desc: An independent research uncovered a critical vulnerability in SwiftMailer that could potentially be used by

Re: [FD] [RT-SA-2016-001] Padding Oracle in Apache mod_session_crypto

2016-12-29 Thread Erik Auerswald
Hi,

On Tue, Dec 27, 2016 at 09:01:49AM -0800, Tim wrote:
> [...]
> > > > But there still are people who use CBC...
> > [...]
> > All traditional modes that lack integrity protection are vulnerable to
> chosen-ciphertext attacks in these kinds of scenarios.
> [...]
> All traditional modes need a

[FD] Executable installers are vulnerable^WEVIL (case 42): SoftMaker's FreeOffice installer allows escalation of privilege

2016-12-29 Thread Stefan Kanthak
Hi @ll, the installers of SoftMaker's FreeOffice 2016, "freeoffice2016.exe", available from , and its predecessor FreeOffice 2010, "freeofficewindows.exe", available from , are (surprise.-)