Mozilla Firefox Multiple Security Vulnerabilities
Monthly Archives: August 2016
Cross-Site Scripting in WordPress Landing Pages Plugin
Posted by Summer of Pwnage on Aug 03
————————————————————————
Cross-Site Scripting in WordPress Landing Pages Plugin
————————————————————————
Burak Kelebek, July 2016
————————————————————————
Abstract
————————————————————————
A reflected Cross-Site Scripting (XSS) vulnerability has been found…
Cross-Site Scripting in Activity Log WordPress Plugin
Posted by Summer of Pwnage on Aug 03
————————————————————————
Cross-Site Scripting in Activity Log WordPress Plugin
————————————————————————
Yorick Koster, July 2016
————————————————————————
Abstract
————————————————————————
A Cross-Site Scripting vulnerability was found in the Activity Log…
Cross-Site Scripting vulnerability in search function Activity Log WordPress Plugin
Posted by Summer of Pwnage on Aug 03
————————————————————————
Cross-Site Scripting vulnerability in search function Activity Log
WordPress Plugin
————————————————————————
Edwin Molenaar, July 2016
————————————————————————
Abstract
————————————————————————
A Cross-Site Scripting vulnerability…
Fixing ‘This Internet’ Before It Breaks Again
Dan Kaminsky advocates fixing today’s internet before it breaks the same way it did in the 1990s.
Cisco Releases Security Updates
Original release date: August 03, 2016
Cisco has released security updates to address vulnerabilities in several products. Exploitation of some of these vulnerabilities could allow an unauthenticated remote attacker to take control of an affected system.
US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:
- Cisco RV110W, RV130W, and RV215W Routers Static Credential Vulnerability
- Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Remote Code Execution Vulnerability
- Cisco Unified Communications Manager IM and Presence Service SIP Packet Processing Denial of Service Vulnerability
- Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Unauthorized Access Vulnerability
- Cisco RV110W, RV130W, and RV215W Routers Command Shell Injection Vulnerability
- Cisco TelePresence Video Communication Server Expressway Command Injection Vulnerability
- Cisco Prime Infrastructure Cross-Frame Scripting Vulnerability
This product is provided subject to this Notification and this Privacy & Use policy.
Mozilla Releases Security Updates
Original release date: August 03, 2016
Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
Available updates include:
- Firefox 48
- Firefox ESR 45.3
Users and administrators are encouraged to review the Mozilla Security Advisories for Firefox and Firefox ESR and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
WordPress Activity Log 2.3.2 Cross Site Scripting
WordPress Activity Log plugin version 2.3.2 suffers from a cross site scripting vulnerability in the search function.
WordPress Landing Pages 2.2.4 Cross Site Scripting
WordPress Landing Pages plugin version 2.2.4 suffers from a cross site scripting vulnerability.
Debian Security Advisory 3640-1
Debian Linux Security Advisory 3640-1 – Multiple security issues have been found in the Mozilla Firefox web implementation errors may lead to the execution of arbitrary code, cross-site scripting, information disclosure and bypass of the same-origin policy.