BugTraq Latest Security Advisories

Syndicate content
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Updated: 1 hour 36 min ago

MSIE 9 MSHTML CElement::Has­Flag memory corruption

December 9, 2016 - 8:33am

Posted by Berend-Jan Wever on Dec 09

Since November I have been releasing details on all vulnerabilities I
found that I have not released before. This is the twenty-ninth entry
in the series. This information is available in more detail on my blog
at http://blog.skylined.nl/20161209001.html. There you can find a repro
that triggered this issue in addition to the information below.

If you find these releases useful, and would like to help me make time
to continue releasing this kind...
Categories:

Symantec VIP Access Desktop Arbitrary DLL Execution

December 9, 2016 - 2:59am

Posted by apparitionsec on Dec 08

[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/SYMANTEC-VIP-ACCESS-ARBITRARY-DLL-EXECUTION.txt

[+] ISR: ApparitionSec

Vendor:
================
www.symantec.com

Product:
===================
Symantec VIP Access
Desktop versions prior to 2.2.2

Vulnerability Type:
=======================
Arbitrary DLL Execution

CVE Reference:
==============
CVE-2016-6593...
Categories:

AST-2016-009: <br>

December 9, 2016 - 2:43am

Posted by Asterisk Security Team on Dec 08

Asterisk Project Security Advisory - ASTERISK-2016-009

Product Asterisk
Summary
Nature of Advisory Authentication Bypass
Susceptibility Remote unauthenticated sessions
Severity Minor
Exploits Known No...
Categories:

AST-2016-008: Crash on SDP offer or answer from endpoint using Opus

December 9, 2016 - 2:27am

Posted by Asterisk Security Team on Dec 08

Asterisk Project Security Advisory - AST-2016-008

Product Asterisk
Summary Crash on SDP offer or answer from endpoint using
Opus
Nature of Advisory Remote Crash
Susceptibility Remote unauthenticated sessions...
Categories:

CVE-2013-1306: MSIE 9 MSHTML CDisp­Node::Insert­Sibling­Node use-after-free details

December 8, 2016 - 6:14am

Posted by Berend-Jan Wever on Dec 08

Since November I have been releasing details on all vulnerabilities I
found that I have not released before. This is the twenty-eighth entry
in the series. This information is available in more detail on my blog
at http://blog.skylined.nl/20161208001.html. There you can find a repro
that triggered this issue in addition to the information below.

Today's release is again not very interesting, because it also was one
of the first bugs I found...
Categories:

[security bulletin] HPSBHF03674 rev.1 HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Remote Disclosure of Information

December 8, 2016 - 1:05am

Posted by security-alert on Dec 07

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05349499

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c05349499
Version: 1

HPSBHF03674 rev.1 HPE Comware 5 and Comware 7 Network Products using SSL/TLS,
Remote Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date:...
Categories:

Microsoft Remote Desktop Client for Mac Remote Code Execution

December 8, 2016 - 12:48am

Posted by Filippo Cavallarin on Dec 07

Advisory ID: SGMA16-004
Title: Microsoft Remote Desktop Client for Mac Remote Code Execution
Product: Microsoft Remote Desktop Client for Mac
Version: 8.0.36 and probably prior
Vendor: www.microsoft.com
Vulnerability type: Undisclosed
Risk level: 4 / 5
Credit: filippo.cavallarin () wearesegment com
CVE: N/A
Vendor notification: 2016-07-13
Vendor fix: N/A
Public disclosure: N/A
Details

A vulnerability...
Categories:

[ESNC-2041217] Critical Security Vulnerability in PwC ACE Software for SAP Security

December 7, 2016 - 10:18am

Posted by ESNC Security on Dec 07

[ESNC-2041217] Critical Security Vulnerability in PwC ACE Software for
SAP Security

Please refer to https://www.esnc.de for the original security
advisory, updates, and additional information.

----------------------------------------------------------------------
1. Business Impact
----------------------------------------------------------------------

According to PwC website:
- "Using the proprietary ACE software, we perform diagnostics...
Categories:

CVE-2015-1730: MSIE jscript9 Java­Script­Stack­Walker memory corruption details and PoC

December 6, 2016 - 7:27am

Posted by Berend-Jan Wever on Dec 06

Since November I have been releasing details on all vulnerabilities I
found in web-browsers that I had not released before. I will try to
continue to publish all my old vulnerabilities, including those not in
web-browser, as long as I can find some time to do so. If you find this
information useful, you can help me make more time available by donating
bitcoin to 183yyxa9s1s1f7JBp­PHPmz­Q346y91Rx5DX.

This is the twenty-sixth entry in the...
Categories:

Re: CVE-2016-3222: MS Edge CBaseScriptable::PrivateQueryInterface memory corruption

December 6, 2016 - 5:24am

Posted by Berend-Jan Wever on Dec 06

FYI: this link to my blog was 404 until early this morning. It is now up
if you are still interested in reading it.
Categories:

CVE-2016-8740, Server memory can be exhausted and service denied when HTTP/2 is used

December 5, 2016 - 7:05am

Posted by Eissing Stefan on Dec 05

Security Advisory - Apache Software Foundation
Apache HTTPD WebServer / httpd.apache.org

Server memory can be exhausted and service denied when HTTP/2 is used

CVE-2016-8740

The Apache HTTPD web server (from 2.4.17-2.4.23) did not apply limitations
on request headers correctly when experimental module for the HTTP/2
protocol is used to access a resource.

The net result is that a the server...
Categories:

Microsoft MSINFO32.EXE ".NFO" Files XML External Entity

December 5, 2016 - 4:34am

Posted by apparitionsec on Dec 05

[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-MSINFO32-XXE-FILE-EXFILTRATION.txt

[+] ISR: ApparitionSec

Vendor:
=================
www.microsoft.com

Product:
==========================
Windows System Information
MSINFO32.exe v6.1.7601

Windows MSINFO32.EXE Displays a comprehensive view of your hardware, system components, and software...
Categories:

Microsoft Windows Media Center "ehshell.exe" XML External Entity

December 5, 2016 - 4:14am

Posted by apparitionsec on Dec 05

[+] Credits: John Page aka hyp3rlinx

[+] Website: hyp3rlinx.altervista.org

[+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-MEDIA-CENTER-XXE-FILE-DISCLOSURE.txt

[+] ISR: ApparitionSec

Vendor:
==================
www.microsoft.com

Product:
==================================
Windows Media Center "ehshell.exe"
version 6.1.7600

Vulnerability Type:
====================
XML External Entity

CVE Reference:...
Categories: