Feed aggregator

Paypal Inc MultiOrderShipping API - Filter Bypass & Persistent XML Vulnerability

BugTraq Latest Security Advisories - October 15, 2014 - 8:57am

Posted by Vulnerability Lab on Oct 15

Document Title:
===============
Paypal Inc MultiOrderShipping API - Filter Bypass & Persistent XML Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1129

PayPal Security UID: TM13a2uL

Release Date:
=============
2014-10-14

Vulnerability Laboratory ID (VL-ID):
====================================
1129

Common Vulnerability Scoring System:
====================================
4.1...

Indeed Job Search 2.5 iOS API - Multiple Vulnerabilities

BugTraq Latest Security Advisories - October 15, 2014 - 8:48am

Posted by Vulnerability Lab on Oct 15

Document Title:
===============
Indeed Job Search 2.5 iOS API - Multiple Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1303

Release Date:
=============
2014-10-13

Vulnerability Laboratory ID (VL-ID):
====================================
1303

Common Vulnerability Scoring System:
====================================
3.6

Product & Service Introduction:...

PayPal Inc #90 PDF Mailer - Buffer Overflow Vulnerability

BugTraq Latest Security Advisories - October 15, 2014 - 8:38am

Posted by Vulnerability Lab on Oct 15

Document Title:
===============
PayPal Inc #90 PDF Mailer - Buffer Overflow Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=940
http://www.vulnerability-lab.com/get_content.php?id=1274

Release Date:
=============
2014-10-02

Vulnerability Laboratory ID (VL-ID):
====================================
940

Common Vulnerability Scoring System:
====================================
5.1...

PayPal Inc BB #98 MOS - Persistent Settings Vulnerability

BugTraq Latest Security Advisories - October 15, 2014 - 8:28am

Posted by Vulnerability Lab on Oct 15

Document Title:
===============
PayPal Inc BB #98 MOS - Persistent Settings Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=983

Release Date:
=============
2014-10-13

Vulnerability Laboratory ID (VL-ID):
====================================
983

Common Vulnerability Scoring System:
====================================
4.1

Product & Service Introduction:...

[SE-2014-01] Breaking Oracle Database through Java exploits (details)

BugTraq Latest Security Advisories - October 15, 2014 - 8:19am

Posted by Security Explorations on Oct 15

Hello All,

Oracle Oct 2014 CPU addresses 22 security issues affecting Java VM
implementation embedded in Oracle Database software.

We have published details of the fixed issues and a description of
some privilege elevation techniques abusing a complete Java security
sandbox bypass condition for gaining DBA role in an environment of
Oracle Database software.

All relevant materials accompanied with Proof of Concept codes can
be found at our...

[SECURITY] [DSA 3049-1] wireshark security update

BugTraq Latest Security Advisories - October 15, 2014 - 8:09am

Posted by Moritz Muehlenhoff on Oct 15

-------------------------------------------------------------------------
Debian Security Advisory DSA-3049-1                   security () debian org
http://www.debian.org/security/                           Moritz Muehlenhoff
October 14, 2014                          http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : wireshark
CVE ID : CVE-2014-6422 CVE-2014-6423...

two browser mem disclosure bugs (CVE-2014-1580 and CVE-something-or-other)

BugTraq Latest Security Advisories - October 15, 2014 - 8:00am

Posted by Michal Zalewski on Oct 15

First of all, CVE-2014-1580 (MSFA 2014-78) is a bug that caused
Firefox prior to version 33 (released today) to leak bits of
uninitialized memory when rendering certain types of truncated images
onto <canvas>.

Mozilla's advisory is here:
https://www.mozilla.org/security/announce/2014/mfsa2014-78.html

Bug is here:
https://bugzilla.mozilla.org/show_bug.cgi?id=1063733

PoC is here:
http://lcamtuf.coredump.cx/ffgif2/

Secondly, MSRC case...

LiveZilla 5.3.0.7 Security Issue

BugTraq Latest Security Advisories - October 15, 2014 - 7:52am

Posted by sourav . infosec on Oct 15

I had reported a few XSS issues on LiveZilla 5.3.0.7. They fixed them properly and informed me. Now the latest build is
5.3.0.8 / 2014-09-25.

http://changelog.livezilla.net/

Can you help me regarding a CVE? I can send you the vulnerability details.

Bugtraq: [security bulletin] HPSBUX03139 SSRT101608 rev.1 - HP-UX running System Management Homepage (SMH), Remote Cross-Site Request Forgery

Security Focus Latest Security Advisories - October 15, 2014 - 7:45am

Bugtraq: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Domain Manager

Security Focus Latest Security Advisories - October 15, 2014 - 7:45am

Bugtraq: [security bulletin] HPSBGN03138 rev.1 - HP Operations Analytics running Bash Shell, Remote Code Execution

Security Focus Latest Security Advisories - October 15, 2014 - 7:45am

Bugtraq: [security bulletin] HPSBMU03133 rev.1 - HP Enterprise Maps Virtual Appliance running Bash Shell, Remote Code Execution

Security Focus Latest Security Advisories - October 15, 2014 - 7:45am

3.17.1: stable

Linux Kernel Updates - October 15, 2014 - 5:29am
Version: 3.17.1 (stable)
Released: 2014-10-15
Source: linux-3.17.1.tar.xz
PGP Signature: linux-3.17.1.tar.sign
Patch: patch-3.17.1.xz
ChangeLog: ChangeLog-3.17.1

3.16.6: stable

Linux Kernel Updates - October 15, 2014 - 5:06am
Version: 3.16.6 (stable)
Released: 2014-10-15
Source: linux-3.16.6.tar.xz
PGP Signature: linux-3.16.6.tar.sign
Patch: patch-3.16.6.xz (Incremental)
ChangeLog: ChangeLog-3.16.6

3.14.22: longterm

Linux Kernel Updates - October 15, 2014 - 1:42am
Version: 3.14.22 (longterm)
Released: 2014-10-15
Source: linux-3.14.22.tar.xz
PGP Signature: linux-3.14.22.tar.sign
Patch: patch-3.14.22.xz (Incremental)
ChangeLog: ChangeLog-3.14.22

3.10.58: longterm

Linux Kernel Updates - October 15, 2014 - 1:32am
Version: 3.10.58 (longterm)
Released: 2014-10-15
Source: linux-3.10.58.tar.xz
PGP Signature: linux-3.10.58.tar.sign
Patch: patch-3.10.58.xz (Incremental)
ChangeLog: ChangeLog-3.10.58