-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2017-02-21-1 GarageBand 10.1.6
GarageBand 10.1.6 is now available and addresses the following:
Projects
Available for: OS X Yosemite v10.10 or later
Impact: Opening a maliciously crafted GarageBand Project file may
lead to arbitrary code
[+] Credits: John Page AKA hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/PHPSHELL-v2.4-CROSS-SITE-SCRIPTING.txt
[+] ISR: ApparitionSec
Vendor:
==
sourceforge.net/projects/phpshell/
phpshell.sourceforge.net/
Product:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2017-02-21-2 Logic Pro X 10.3.1
Logic Pro X 10.3.1 is now available and addresses the following:
Projects
Available for: OS X Yosemite v10.10 or later (64 bit)
Impact: Opening a maliciously crafted GarageBand Project file may
lead to
Overview
Recently, an vulnerability in Java's FTP URL handling code has been published
which allows for protocol stream injection. It has been shown[1] that this flaw
could be used to leverage existing XXE or SSRF vulnerabilities to send
unauthorized email from Java applications via the SMTP
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Advisory ID: SYSS-2016-117
Product: ABUS Secvest (FUAA5)
Manufacturer: ABUS
Affected Version(s): v1.01.00
Tested Version(s): v1.01.00
Vulnerability Type: Missing Protection against Replay Attacks
Risk Level: Medium
Solution Status: Open
# Exploit Title: NETGEAR Firmware DGN2200v1/v2/v3/v4 NON-ADMIN AUTHENTICATED RCE
# Date: 2017-02-18
# Exploit Author: SivertPL
# Vendor Homepage: http://netgear.com/
# Software Link:
[+] Credits: John Page AKA Hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/SAWMILL-PASS-THE-HASH-AUTHENTICATION-BYPASS.txt
[+] ISR: ApparitionSec
Vendor:
===
www.sawmill.net
Product:
Sawmill
[+] Credits: John Page AKA hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/PHPSHELL-v2.4-SESSION-FIXATION.txt
[+] ISR: ApparitionSec
Vendor:
==
sourceforge.net/projects/phpshell/
phpshell.sourceforge.net/