Category Archives: Full Disclosure

SEC Consult SA-20141015-0 :: Potential Cross-Site Scripting in ADF Faces

Posted by SEC Consult Vulnerability Lab on Oct 15

SEC Consult Vulnerability Lab Security Advisory < 20141015-0 >
=======================================================================
title: Potential Cross-Site Scripting
product: ADF Faces
vulnerable version: 12.1.2.0
fixed version: versions with CPU Oct-2014 patch applied
impact: low
homepage: http://www.oracle.com/adf
found: 2014-05-01
by: W….

Paypal Inc MultiOrderShipping API – Filter Bypass & Persistent XML Vulnerability

Posted by Vulnerability Lab on Oct 14

Document Title:
===============
Paypal Inc MultiOrderShipping API – Filter Bypass & Persistent XML Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1129

PayPal Security UID: TM13a2uL

Release Date:
=============
2014-10-14

Vulnerability Laboratory ID (VL-ID):
====================================
1129

Common Vulnerability Scoring System:
====================================
4.1…

Indeed Job Search 2.5 iOS API – Multiple Vulnerabilities

Posted by Vulnerability Lab on Oct 14

Document Title:
===============
Indeed Job Search 2.5 iOS API – Multiple Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1303

Release Date:
=============
2014-10-13

Vulnerability Laboratory ID (VL-ID):
====================================
1303

Common Vulnerability Scoring System:
====================================
3.6

Product & Service Introduction:…

PayPal Inc BB #98 MOS – Persistent Settings Vulnerability

Posted by Vulnerability Lab on Oct 14

Document Title:
===============
PayPal Inc BB #98 MOS – Persistent Settings Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=983

Release Date:
=============
2014-10-13

Vulnerability Laboratory ID (VL-ID):
====================================
983

Common Vulnerability Scoring System:
====================================
4.1

Product & Service Introduction:…

[SE-2014-01] Breaking Oracle Database through Java exploits (details)

Posted by Security Explorations on Oct 14

Hello All,

Oracle Oct 2014 CPU addresses 22 security issues affecting Java VM
implementation embedded in Oracle Database software.

We have published details of the fixed issues and a description of
some privilege elevation techniques abusing a complete Java security
sandbox bypass condition for gaining DBA role in an environment of
Oracle Database software.

All relevant materials accompanied with Proof of Concept codes can
be found at our…

two browser mem disclosure bugs (CVE-2014-1580 and CVE-something-or-other)

Posted by Michal Zalewski on Oct 14

First of all, CVE-2014-1580 (MFSA 2014-78) is a bug that caused
Firefox prior to version 33 (released today) to leak bits of
uninitialized memory when rendering certain types of truncated images
onto <canvas>.

Mozilla’s advisory is here:
https://www.mozilla.org/security/announce/2014/mfsa2014-78.html

Bug is here:
https://bugzilla.mozilla.org/show_bug.cgi?id=1063733

PoC is here:
http://lcamtuf.coredump.cx/ffgif2/

Secondly, MSRC case…

Re: CVE-2014-2021 – vBulletin 5.x/4.x – persistent XSS in AdminCP/ApiLog via xmlrpc API (post-auth)

Posted by oststrom (public) on Oct 14

CVE-2013-2021 – vBulletin 5.x/4.x – persistent XSS in AdminCP/ApiLog via
xmlrpc API (post-auth)

================================================================================================

Overview
--------
date : 10/12/2014
cvss : 4.6 (AV:N/AC:H/Au:S/C:P/I:P/A:P) base
cwe : 79
vendor : vBulletin Solutions
product : vBulletin 4
versions affected : latest 4.x and 5.x (to date);…

Fwd: Re: CSP Bypass on Android prior to 4.4

Posted by Vitor Ventura on Oct 14

---------- Forwarded message ----------
From: “Vitor Ventura” <ventura.vitor () gmail com>
Date: 14/10/2014 12:32
Subject: Re: [FD] CSP Bypass on Android prior to 4.4
To: “E Boogie” <evanjjohns () gmail com>
Cc:

Hello,

My testing was done on BQ aquaris 5 HD with android 4.2.1 using chrome.
It wasn’t vulnerable.

Regards
VV
On 14/10/2014 00:12, “E Boogie” <evanjjohns () gmail com>…

Re: CVE-2013-2021 – vBulletin 5.x/4.x – persistent XSS in AdminCP/ApiLog via xmlrpc API (post-auth)

Posted by Henri Salo on Oct 14

Can you confirm that this should be CVE-2014-2021 and not 2013 ID, thank you.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2021 says:

“pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial
of service (out-of-bounds-read) via a crafted length value in an encrypted PDF
file.”


Henri Salo

Re: CVE-2014-3671: DNS Reverse Lookup as a vector for the Bash vulnerability (CVE-2014-6271 et.al.)

Posted by Florian Weimer on Oct 14

* Dirk-Willem van Gulik:

More precisely, anything based on the historic BIND stub resolver code
(which is a lot) will escape certain characters while converting from
wire format to the textual representation, including “(“, *and* also
has a check (res_hnok) which refuses PTR records which do not follow
the rather strict syntactic requirements for host names.

Lack of quoting in a DNS API at this point means that essentially
arbitrary…