Severity Rating: Important
Revision Note: V1.0 (February 10, 2015): Bulletin published.
Summary: This security update resolves one publicly disclosed vulnerability in Microsoft Office. The vulnerability could allow security feature bypass if a user opens a specially crafted Microsoft Office file. The security feature bypass by itself does not allow arbitrary code execution. However, an attacker could use this security feature bypass vulnerability in conjunction with another vulnerability, such as a remote code execution vulnerability, to run arbitrary code.
Monthly Archives: February 2015
MS15-016 – Important: Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3029944) – Version: 1.0
Severity Rating: Important
Revision Note: V1.0 (February 10, 2015): Bulletin published.
Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow information disclosure if a user browses to a website containing a specially crafted TIFF image. This vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.
Debian Security Advisory 3158-1
Debian Linux Security Advisory 3158-1 – Michal Zalewski and Hanno Boeck discovered several vulnerabilities in unrtf, an RTF to other formats converter, leading to a denial of service (application crash) or, potentially, the execution of arbitrary code.
HP Security Bulletin HPSBGN03251 1
HP Security Bulletin HPSBGN03251 1 – A potential security vulnerability has been identified with HP Storage Essentials running SSLv3. This is the SSLv3 vulnerability known as “Padding Oracle on Downgraded Legacy Encryption” also known as “Poodle”, which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.
Multiple Adobe Flash Player code execution vulnerabilities
Multiple vulnerabilities in Adobe Flash Player could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. Adobe is aware of reports that an exploit for CVE-2015-0310 exists in the wild, which is being used in attacks against older versions of Flash Player.
DSA-3159 ruby1.8 – security update
It was discovered that the REXML parser, part of the interpreter for the Ruby language, could be coerced into allocating large string objects that could consume all available memory on the system. This could allow remote attackers to cause a denial of service (crash).
Vuln: Cisco Unified IP Phones 9900 Series CVE-2015-0601 Local Denial of Service Vulnerability
DARPA Hacks GM's OnStar To Remote Control A Chevrolet Impala
Android Futex Requeue Kernel Exploit
This Metasploit module exploits a bug in futex_requeue in the Linux kernel. Any Android phone with a kernel built before June 2014 should be vulnerable.
WordPress WP EasyCart Unrestricted File Upload
WordPress Shopping Cart (WP EasyCart) Plugin for WordPress contains a flaw that allows a remote attacker to execute arbitrary PHP code. This flaw exists because the /inc/amfphp/administration/banneruploaderscript.php script does not properly verify or sanitize user-uploaded files. When a .php file is uploaded, the remote system places the file in a user-accessible path. Making a direct request to the uploaded file will allow the attacker to execute the script with the privileges of the web server. In versions 3.0.8 and below, authentication can be done by using the WordPress credentials of a user with any role. In later versions, a valid EasyCart admin password that is in use by any admin user is required. A default installation of EasyCart will set up a user called “demouser” with a preset password