UDID+ version 2.5 suffers from a command injection vulnerability.
Monthly Archives: July 2015
Red Hat Security Advisory 2015-1242-01
Red Hat Security Advisory 2015-1242-01 – Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
Red Hat Security Advisory 2015-1243-01
Red Hat Security Advisory 2015-1243-01 – Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
Red Hat Security Advisory 2015-1241-01
Red Hat Security Advisory 2015-1241-01 – Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
Huge Morrisons data breach due to employee with grudge, court hears
A Morrisons employee with a grudge was responsible for posting personal data of nearly 100,000 staff onto the internet, a court heard.
The post Huge Morrisons data breach due to employee with grudge, court hears appeared first on We Live Security.
Fedora EPEL 6 Security Update: xrdp-0.6.1-4.el6
Resolved Bugs
1194213 – xrdp: denial of service when validating user accounts against plain passwd files/via shadow-utils<br
Attempt to fix this DoS.
Fedora EPEL 5 Security Update: xrdp-0.6.1-4.el5
Resolved Bugs
1194213 – xrdp: denial of service when validating user accounts against plain passwd files/via shadow-utils<br
Attempt to fix this DoS.
Fedora EPEL 7 Security Update: zabbix22-2.2.9-1.el7
Oracle E-Business Suite Open Redirection
Oracle E-Business Suite is prone to a remote URL-redirection vulnerability. This vulnerability may allow a malicious user to perform a phishing attack by sending a crafted URL of Oracle E-Business Suite Form Servlet page to another user. When an unsuspecting victim follows the URI, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Versions affected include 11.5.10.2, 12.0.6, and 12.1.3.
Threatpost News Wrap, July 17, 2015
Dennis Fisher and Mike Mimoso talk about all of the patches from Microsoft, Adobe and Oracle, the Flash security saga and the Darkode forum takedown.