Feed aggregator

Bugtraq: UAC Bypass Vulnerability on "Windows 7" in Windows Script Host

Security Focus Latest Security Advisories - August 31, 2015 - 5:30am
UAC Bypass Vulnerability on "Windows 7" in Windows Script Host
Categories:

next-20150831: linux-next

Linux Kernel Updates - August 31, 2015 - 3:58am
Version:next-20150831 (linux-next) Released:2015-08-31

4.2: mainline

Linux Kernel Updates - August 30, 2015 - 1:34pm
Version:4.2 (mainline) Released:2015-08-30 Source:linux-4.2.tar.xz PGP Signature:linux-4.2.tar.sign Patch:patch-4.2.xz

next-20150828: linux-next

Linux Kernel Updates - August 28, 2015 - 3:22am
Version:next-20150828 (linux-next) Released:2015-08-28

Re: UAC Bypass Vulnerability on "Windows 7" in Windows Script Host

BugTraq Latest Security Advisories - August 27, 2015 - 11:30am

Posted by Rich Pieri on Aug 27

UAC is not a security boundary. It's purpose is to annoy users in order
to force vendors to fix their bad code:

http://www.cnet.com/news/microsoft-vista-feature-designed-to-annoy-users/
Categories:

Bugtraq: [security bulletin] HPSBHF03408 rev.1 - HP PCs with HP lt4112 LTE/HSPA+ Gobi 4G Module, Remote Execution of Arbitrary Code

Security Focus Latest Security Advisories - August 27, 2015 - 11:30am
[security bulletin] HPSBHF03408 rev.1 - HP PCs with HP lt4112 LTE/HSPA+ Gobi 4G Module, Remote Execution of Arbitrary Code
Categories:

Bugtraq: [security bulletin] HPSBGN03411 rev.1 - HP Operations Agent Virtual Appliance, Remote Unauthorized Disclosure of Information

Security Focus Latest Security Advisories - August 27, 2015 - 11:30am
[security bulletin] HPSBGN03411 rev.1 - HP Operations Agent Virtual Appliance, Remote Unauthorized Disclosure of Information
Categories:

Bugtraq: CVE-2015-6535: Stored XSS in YouTube Embed (WordPress plugin) allows admins to compromise super admins

Security Focus Latest Security Advisories - August 27, 2015 - 11:30am
CVE-2015-6535: Stored XSS in YouTube Embed (WordPress plugin) allows admins to compromise super admins
Categories:

[SECURITY] [DSA 3344-1] php5 security update

BugTraq Latest Security Advisories - August 27, 2015 - 11:21am

Posted by Sebastien Delafond on Aug 27

-------------------------------------------------------------------------
Debian Security Advisory DSA-3344-1 security () debian org
https://www.debian.org/security/ Sebastien Delafond
August 27, 2015 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : php5
CVE ID : CVE-2015-4598 CVE-2015-4643...
Categories:

[security bulletin] HPSBGN03402 rev.2 - HP Performance Manager, Remote Disclosure of Information

BugTraq Latest Security Advisories - August 27, 2015 - 11:11am

Posted by security-alert on Aug 27

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04772190

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04772190
Version: 2

HPSBGN03402 rev.2 - HP Performance Manager, Remote Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2015-08-26
Last Updated:...
Categories:

Bugtraq: [security bulletin] HPSBGN03405 rev.1 - HP Integration Adaptor, Remote Unauthorized Modification, Disclosure of Information

Security Focus Latest Security Advisories - August 27, 2015 - 7:45am
[security bulletin] HPSBGN03405 rev.1 - HP Integration Adaptor, Remote Unauthorized Modification, Disclosure of Information
Categories:

Bugtraq: [security bulletin] HPSBGN03399 rev.1 - HP BSM Connector (BSMC), Remote Unauthorized Modification, Disclosure of Information

Security Focus Latest Security Advisories - August 27, 2015 - 7:45am
[security bulletin] HPSBGN03399 rev.1 - HP BSM Connector (BSMC), Remote Unauthorized Modification, Disclosure of Information
Categories:

UAC Bypass Vulnerability on "Windows 7" in Windows Script Host

BugTraq Latest Security Advisories - August 27, 2015 - 7:29am

Posted by vozzie on Aug 27

UAC Bypass Vulnerability in Windows Script Host.

The Windows Script Host executables suffer from a vulnerability due to a missing embedded manifest. Using another
exploit, the combination of "wusa.exe" and "makecab.exe" files can be copied to the Windows folder. Copies of a
manifest and the script host allow to execute the copied script host and bypass UAC warning messages in case the UAC
settings are default.

Both ZDI...
Categories:

[security bulletin] HPSBHF03408 rev.1 - HP PCs with HP lt4112 LTE/HSPA+ Gobi 4G Module, Remote Execution of Arbitrary Code

BugTraq Latest Security Advisories - August 27, 2015 - 7:22am

Posted by security-alert on Aug 27

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04773272

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04773272
Version: 1

HPSBHF03408 rev.1 - HP PCs with HP lt4112 LTE/HSPA+ Gobi 4G Module, Remote
Execution of Arbitrary Code

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date:...
Categories:

next-20150827: linux-next

Linux Kernel Updates - August 27, 2015 - 3:18am
Version:next-20150827 (linux-next) Released:2015-08-27

3.12.47: longterm

Linux Kernel Updates - August 27, 2015 - 3:11am
Version:3.12.47 (longterm) Released:2015-08-27 Source:linux-3.12.47.tar.xz PGP Signature:linux-3.12.47.tar.sign Patch:patch-3.12.47.xz (Incremental) ChangeLog:ChangeLog-3.12.47

[security bulletin] HPSBGN03411 rev.1 - HP Operations Agent Virtual Appliance, Remote Unauthorized Disclosure of Information

BugTraq Latest Security Advisories - August 26, 2015 - 1:57pm

Posted by security-alert on Aug 26

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c04774058

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04774058
Version: 1

HPSBGN03411 rev.1 - HP Operations Agent Virtual Appliance, Remote
Unauthorized Disclosure of Information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release...
Categories:

Bugtraq: [security bulletin] HPSBGN03415 rev.1 - HP Operations Agent Virtual Appliance, Remote Disclosure of Information

Security Focus Latest Security Advisories - August 26, 2015 - 1:30pm
[security bulletin] HPSBGN03415 rev.1 - HP Operations Agent Virtual Appliance, Remote Disclosure of Information
Categories:

CVE-2015-6535: Stored XSS in YouTube Embed (WordPress plugin) allows admins to compromise super admins

BugTraq Latest Security Advisories - August 26, 2015 - 12:32pm

Posted by grajalerts . noreply on Aug 26

Details
================
Software: YouTube Embed
Version: 3.3.2
Homepage: https://wordpress.org/plugins/youtube-embed/
CVE ID: CVE-2015-6535 (Pending)
CWE ID: CWE-79
CVSS: 5.5 (Medium; AV:N/AC:L/Au:S/C:P/I:P/A:N)

Description
================
A stored XSS vulnerability in YouTube Embed 3.3.2 (and possibly earlier versions) allows admin users to compromise
other admins and super admins.

YouTube Embed is a WordPress plugin with over 30,000...
Categories:

Bugtraq: [security bulletin] HPSBGN03414 rev.1 - HP Operations Agent, Remote Disclosure of Information

Security Focus Latest Security Advisories - August 26, 2015 - 12:15pm
[security bulletin] HPSBGN03414 rev.1 - HP Operations Agent, Remote Disclosure of Information
Categories: