Feed aggregator

Bugtraq: HiDisk 2.4 iOS - (currentFolderPath) Persistent Vulnerability

HiDisk 2.4 iOS - (currentFolderPath) Persistent Vulnerability

Bugtraq: [SECURITY] [DSA 3263-1] proftpd-dfsg security update

[SECURITY] [DSA 3263-1] proftpd-dfsg security update

Eisbär SCADA (All Versions - iOS, Android & W8) - Persistent UI Vulnerability

BugTraq Latest Security Advisories - May 20, 2015 - 9:26am

Posted by Vulnerability Lab on May 20

Document Title:
===============
Eisbär SCADA (All Versions - iOS, Android & W8) - Persistent UI Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1456

Release Date:
=============
2015-05-19

Vulnerability Laboratory ID (VL-ID):
====================================
1456

Common Vulnerability Scoring System:
====================================
5.2

Product & Service Introduction:...

Stored XSS in WP Photo Album Plus WordPress Plugin

BugTraq Latest Security Advisories - May 20, 2015 - 9:19am

Posted by High-Tech Bridge Security Research on May 20

Advisory ID: HTB23257
Product: WP Photo Album Plus WordPress Plugin
Vendor: J.N. Breetvelt
Vulnerable Version(s): 6.1.2 and probably prior
Tested Version: 6.1.2
Advisory Publication: April 29, 2015 [without technical details]
Vendor Notification: April 29, 2015
Vendor Patch: April 29, 2015
Public Disclosure: May 20, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2015-3647
Risk Level: Medium
CVSSv2 Base Score: 5...

WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability

BugTraq Latest Security Advisories - May 20, 2015 - 9:10am

Posted by Vulnerability Lab on May 20

Document Title:
===============
WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1498

Release Date:
=============
2015-05-18

Vulnerability Laboratory ID (VL-ID):
====================================
1498

Common Vulnerability Scoring System:
====================================
6

Product & Service Introduction:...

[SECURITY] [DSA 3265-1] zendframework security update

BugTraq Latest Security Advisories - May 20, 2015 - 9:00am

Posted by David Prévot on May 20

-------------------------------------------------------------------------
Debian Security Advisory DSA-3265-1 security () debian org
http://www.debian.org/security/ David Prévot
May 20, 2015 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : zendframework
CVE ID : CVE-2014-2681...

Staff FTP v3.04 Software - DLL Hijacking Vulnerability

BugTraq Latest Security Advisories - May 20, 2015 - 8:53am

Posted by Vulnerability Lab on May 20

Document Title:
===============
Staff FTP v3.04 Software - DLL Hijacking Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1499

Release Date:
=============
2015-05-19

Vulnerability Laboratory ID (VL-ID):
====================================
1499

Common Vulnerability Scoring System:
====================================
6

Product & Service Introduction:...

HiDisk 2.4 iOS - (currentFolderPath) Persistent Vulnerability

BugTraq Latest Security Advisories - May 20, 2015 - 8:46am

Posted by Vulnerability Lab on May 20

Document Title:
===============
HiDisk 2.4 iOS - (currentFolderPath) Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1496

Release Date:
=============
2015-05-19

Vulnerability Laboratory ID (VL-ID):
====================================
1496

Common Vulnerability Scoring System:
====================================
3.5

Product & Service Introduction:...

ManageEngine EventLog Analyzer V:10.0 CSRF Vulnerability

BugTraq Latest Security Advisories - May 20, 2015 - 8:37am

Posted by akashchavan0708 on May 20

=========================================================================================
CSRF Vulnerability in ManageEngine EventLog Analyzer Version :10.0, Build Number : 10001
=========================================================================================

. contents:: Table Of Content

Overview
========

* Title : ManageEngine EventLog Analyzer Version 10.0 Cross Site Request Forgery
* Author: Akash S. Chavan
* Product Homepage:...

Staff FTP v3.04 Software - DLL Hijacking Vulnerability

BugTraq Latest Security Advisories - May 20, 2015 - 8:31am

Posted by metacom27 on May 20

A local dll injection vulnerability has been discovered in the official Staff-FTP v3.04 software.
The issue allows local attackers to inject code to vulnerable libraries to compromise the process or to gain higher
access privileges.

The windows software is vulnerable to dll hijacking attacks. The vulnerability is located in the netapi32.dll and
dwmapi.dll file extensions.
The software does not specify the fully qualified path to a...

[SECURITY] [DSA 3263-1] proftpd-dfsg security update

BugTraq Latest Security Advisories - May 20, 2015 - 8:22am

Posted by Sebastien Delafond on May 20

-------------------------------------------------------------------------
Debian Security Advisory DSA-3263-1 security () debian org
http://www.debian.org/security/ Sebastien Delafond
May 19, 2015 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : proftpd-dfsg
CVE ID : CVE-2015-3306
Debian Bug...

Bugtraq: [SECURITY] [DSA 3264-1] icedove security update

[SECURITY] [DSA 3264-1] icedove security update

Bugtraq: [security bulletin] HPSBGN03286 rev.1 - HP LoadRunner, Buffer Overflow

[security bulletin] HPSBGN03286 rev.1 - HP LoadRunner, Buffer Overflow

Bugtraq: APPLE-SA-2015-05-19-1 Watch OS 1.0.1

APPLE-SA-2015-05-19-1 Watch OS 1.0.1

Bugtraq: [security bulletin] HPSBPI03322 rev.1 - HP Access Control Software, Local Unauthorized Access

[security bulletin] HPSBPI03322 rev.1 - HP Access Control Software, Local Unauthorized Access

[SECURITY] [DSA 3264-1] icedove security update

BugTraq Latest Security Advisories - May 20, 2015 - 8:14am

Posted by Moritz Muehlenhoff on May 20

-------------------------------------------------------------------------
Debian Security Advisory DSA-3264-1 security () debian org
http://www.debian.org/security/ Moritz Muehlenhoff
May 19, 2015 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : icedove
CVE ID : CVE-2015-0797 CVE-2015-2708...

[security bulletin] HPSBGN03286 rev.1 - HP LoadRunner, Buffer Overflow

BugTraq Latest Security Advisories - May 20, 2015 - 8:05am

Posted by security-alert on May 20

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04594015

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c04594015
Version: 1

HPSBGN03286 rev.1 - HP LoadRunner, Buffer Overflow

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2015-05-19
Last Updated: 2015-05-19

Potential...

Bugtraq: WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability

WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability

Bugtraq: [SECURITY] [DSA 3175-2] kfreebsd-9 security update

[SECURITY] [DSA 3175-2] kfreebsd-9 security update

3.12.43: longterm

Linux Kernel Updates - May 20, 2015 - 4:15am
Version: 3.12.43 (longterm)
Released: 2015-05-20
Source: linux-3.12.43.tar.xz
PGP Signature: linux-3.12.43.tar.sign
Patch: patch-3.12.43.xz (Incremental)
ChangeLog: ChangeLog-3.12.43