BugTraq Latest Security Advisories

Syndicate content
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Updated: 5 min 5 sec ago

Cross-Site Request Forgery in Icegram WordPress Plugin

July 19, 2016 - 4:13pm

Posted by Summer of Pwnage on Jul 19

------------------------------------------------------------------------
Cross-Site Request Forgery in Icegram WordPress Plugin
------------------------------------------------------------------------
Yorick Koster, July 2016

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
A Cross-Site Request Forgery vulnerability was found in the Icegram...
Categories:

Multiple Cross-Site Scripting vulnerabilities in Ninja Forms WordPress Plugin

July 19, 2016 - 3:00pm

Posted by Summer of Pwnage on Jul 19

------------------------------------------------------------------------
Multiple Cross-Site Scripting vulnerabilities in Ninja Forms WordPress
Plugin
------------------------------------------------------------------------
Han Sahin, July 2016

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
Multiple reflected Cross-Site Scripting (XSS)...
Categories:

Executable installers are vulnerable^WEVIL (case 35): eclipse-inst-win*.exe vulnerable to DLL and EXE hijacking

July 19, 2016 - 2:51pm

Posted by Stefan Kanthak on Jul 19

Hi @ll,

eclipse-inst-win32.exe (and of course eclipse-inst-win64.exe
too) loads and executes multiple DLLs (in version 4.5 also
CMD.EXE) from its "application directory".

* version 4.5 ("Mars") on Windows 7:
UXTheme.dll, WindowsCodecs.dll, AppHelp.dll, SrvCli.dll,
Slc.dll, NTMarta.dll, ProfAPI.dll, SAMLib.dll

* version 4.6 ("Neon") on Windows 7:
IEFrame.dll, Version.dll

* version 4.5 on Windows XP:...
Categories:

Django CMS v3.3.0 - (Editor Snippet) Persistent Web Vulnerability (CVE-2016-6186)

July 19, 2016 - 2:43pm

Posted by Vulnerability Lab on Jul 19

Document Title:
===============
Django CMS v3.3.0 - (Editor Snippet) Persistent Web Vulnerability (CVE-2016-6186)

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1869

Security Release: https://www.djangoproject.com/weblog/2016/jul/18/security-releases/

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6186

CVE-ID:
=======
CVE-2016-6186

Release Date:
=============
2016-07-19

Vulnerability...
Categories:

APPLE-SA-2016-07-18-6 iTunes 12.4.2

July 19, 2016 - 2:33pm

Posted by Apple Product Security on Jul 19

APPLE-SA-2016-07-18-6 iTunes 12.4.2

iTunes 12.4.2 for Windows is now available and addresses the following:

libxml2
Impact: Multiple vulnerabilities in libxml2
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological
University
CVE-2016-4447 : Wei Lei and Liu Yang of Nanyang Technological
University
CVE-2016-4448 : Apple
CVE-2016-4483 :...
Categories:

APPLE-SA-2016-07-18-5 Safari 9.1.2

July 19, 2016 - 2:24pm

Posted by Apple Product Security on Jul 19

APPLE-SA-2016-07-18-5 Safari 9.1.2

Safari 9.1.2 is now available and addresses the following:

WebKit
Available for: OS X El Capitan v10.11.6
Impact: Visiting a malicious website may disclose image data from
another website
Description: A timing issue existed in the processing of SVG. This
issue was addressed through improved validation.
CVE-2016-4583 : Roeland Krak

WebKit
Available for: OS X El Capitan v10.11.6
Impact: Visiting a...
Categories:

APPLE-SA-2016-07-18-4 tvOS 9.2.2

July 19, 2016 - 1:59pm

Posted by Apple Product Security on Jul 19

APPLE-SA-2016-07-18-4 tvOS 9.2.2

tvOS 9.2.2 is now available and addresses the following:

CoreGraphics
Available for: Apple TV (4th generation)
Impact: A remote attacker may be able to execute arbitrary code
Description: A memory corruption issue was addressed through
improved memory handling.
CVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com
/vulnerability-reports)

ImageIO
Available for: Apple TV (4th generation)
Impact: A...
Categories:

APPLE-SA-2016-07-18-3 watchOS 2.2.2

July 19, 2016 - 1:29pm

Posted by Apple Product Security on Jul 19

APPLE-SA-2016-07-18-3 watchOS 2.2.2

watchOS 2.2.2 is now available and addresses the following:

CoreGraphics
Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition,
and Apple Watch Hermes
Impact: A remote attacker may be able to execute arbitrary code
Description: A memory corruption issue was addressed through
improved memory handling.
CVE-2016-4637 : Tyler Bohan of Cisco Talos (talosintel.com
/vulnerability-reports)

ImageIO...
Categories:

APPLE-SA-2016-07-18-2 iOS 9.3.3

July 19, 2016 - 1:19pm

Posted by Apple Product Security on Jul 19

APPLE-SA-2016-07-18-2 iOS 9.3.3

iOS 9.3.3 is now available and addresses the following:

Calendar
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A maliciously crafted calendar invite may cause a device to
unexpectedly restart
Description: A null pointer dereference was addressed through
improved memory handling.
CVE-2016-4605 : Henry Feldman MD at Beth Israel Deaconess Medical
Center...
Categories:

APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004

July 19, 2016 - 1:09pm

Posted by Apple Product Security on Jul 19

APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update
2016-004

OS X El Capitan v10.11.6 and Security Update 2016-004 is now
available and addresses the following:

apache_mod_php
Available for:
OS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later
Impact: A remote attacker may be able to execute arbitrary code
Description: Multiple issues existed in PHP versions prior to
5.5.36. These were addressed by updating PHP to...
Categories:

[SECURITY] [DSA 3622-1] python-django security update

July 19, 2016 - 12:58pm

Posted by Salvatore Bonaccorso on Jul 19

-------------------------------------------------------------------------
Debian Security Advisory DSA-3622-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
July 18, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : python-django
CVE ID : CVE-2016-6186

It was...
Categories:

[CVE-2016-1281] NOT FIXED: VeraCrypt*Setup*.exe still vulnerable to DLL hijacking

July 18, 2016 - 12:18pm

Posted by Stefan Kanthak on Jul 18

Hi @ll,

this is basically a followup to <http://seclists.org/oss-sec/2016/q1/58>

CVE-2016-1281 is NOT FIXED!

I've retested the current "VeraCrypt Setup 1.17.exe" on a fully
patched Windows 7, and it is STILL (or AGAIN) vulnerable there.

The following DLLs are loaded from the "application directory"
and their DllMain() executed: VSSAPI.dll, ATL.dll, VSSTrace.dll.

See <...
Categories:

[SECURITY] [DSA 3621-1] mysql-connector-java security update

July 18, 2016 - 12:06pm

Posted by Salvatore Bonaccorso on Jul 18

-------------------------------------------------------------------------
Debian Security Advisory DSA-3621-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
July 18, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : mysql-connector-java
CVE ID : CVE-2015-2575

A...
Categories:

[Remote Format String Exploit] Axis Communications MPQT/PACS Server Side Include (SSI) Daemon

July 18, 2016 - 3:30am

Posted by bashis on Jul 18

#!/usr/bin/env python2.7
#
# [SOF]
#
# [Remote Format String Exploit] Axis Communications MPQT/PACS Server Side Include (SSI) Daemon
# Research and development by bashis <mcw noemail eu> 2016
#
# This format string vulnerability has following characteristic:
# - Heap Based (Exploiting string located on the heap)
# - Blind Attack (No output the remote attacker)(*)
# - Remotly exploitable (As anonymous, no credentials needed)
#
# (*) Not so...
Categories:

Multiple vulns in Vodafone EasyBox 804

July 18, 2016 - 12:25am

Posted by Tim Schughart on Jul 17

Hi@all

#### General Information
## Report history:
Since 01.05. we have contacted the support of Vodafone 3 times. There has been no response until today.
Toady we release the vulnerabilities in hope that Vodafone will react.

## Vendor Information:
Vodafone is worldwide operating ISP.
Quotation of vodafone.com - about us:
"
Today, more than 400 million customers around the world choose us.

In 30 years, a small mobile operator in Newbury...
Categories:

[SECURITY] [DSA 3620-1] pidgin security update

July 18, 2016 - 12:04am

Posted by Salvatore Bonaccorso on Jul 17

-------------------------------------------------------------------------
Debian Security Advisory DSA-3620-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
July 15, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : pidgin
CVE ID : CVE-2016-2365 CVE-2016-2366...
Categories:

[SECURITY] [DSA 3619-1] libgd2 security update

July 15, 2016 - 11:06am

Posted by Salvatore Bonaccorso on Jul 15

-------------------------------------------------------------------------
Debian Security Advisory DSA-3619-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
July 15, 2016 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : libgd2
CVE ID : CVE-2016-5116 CVE-2016-5766...
Categories: