Original release date: October 11, 2016
Microsoft has released 10 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system.
Users and administrators are encouraged to review Microsoft Security Bulletins MS16-118 through MS16-127 and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
Original release date: October 11, 2016
Adobe has released security updates to address vulnerabilities in Flash Player and the Creative Cloud Desktop Application. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
US-CERT encourages users and administrators to review Adobe Security Bulletins APSB16-32 and APSB16-34 and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
Posted by VMware Security Response Center on Oct 11
—————————————————————————
—
VMware Security Advisory
Advisory ID: VMSA-2016-0016
Severity: Critical
Synopsis: vRealize Operations (vROps) updates address privilege
escalation
vulnerability
Issue date: 2016-10-11
Updated on: 2016-10-11 (Initial Advisory)
CVE number: CVE-2016-7457
1. Summary
vRealize Operations (vROps) updates address…
Microsoft released 10 security bulletins on Patch Tuesday that included patches for five zero day vulnerabilities under attack that had not been publicly disclosed until today.
Posted by Onapsis Research on Oct 11
Onapsis Security Advisory ONAPSIS-2016-057: Oracle E-Business Suite Cross Site Scripting (XSS)
1. Impact on Business
=====================
By exploiting this vulnerability, a remote attacker could steal sensitive business information by targeting other users
connected to the system.
Risk Level: Medium
2. Advisory Information
=======================
– Public Release Date: 09/22/2016
– Last Revised: 09/22/2016
– Security Advisory ID:…
Posted by Onapsis Research on Oct 11
Onapsis Security Advisory ONAPSIS-2016-056: Oracle E-Business Suite Cross Site Scripting (XSS)
1. Impact on Business
=====================
By exploiting this vulnerability, a remote attacker could steal sensitive business information by targeting other users
connected to the system.
Risk Level: Medium
2. Advisory Information
=======================
– Public Release Date: 09/22/2016
– Last Revised: 09/22/2016
– Security Advisory ID:…
Posted by Onapsis Research on Oct 11
Onapsis Security Advisory ONAPSIS-2016-055: Oracle E-Business Suite Cross Site Scripting (XSS)
1. Impact on Business
=====================
By exploiting this vulnerability, a remote attacker could steal sensitive business information by targeting other users
connected to the system.
Risk Level: Medium
2. Advisory Information
=======================
– Public Release Date: 09/22/2016
– Last Revised: 09/22/2016
– Security Advisory ID:…
Posted by Onapsis Research on Oct 11
Onapsis Security Advisory ONAPSIS-2016-053: Oracle E-Business Suite Cross Site Scripting (XSS)
1. Impact on Business
=====================
By exploiting this vulnerability, a remote attacker could steal sensitive business information by targeting other users
connected to the system.
Risk Level: Medium
2. Advisory Information
=======================
– Public Release Date: 09/22/2016
– Last Revised: 09/22/2016
– Security Advisory ID:…
Posted by Onapsis Research on Oct 11
Onapsis Security Advisory ONAPSIS-2016-052: Oracle E-Business Suite Cross Site Scripting (XSS)
1. Impact on Business
=====================
By exploiting this vulnerability, a remote attacker could steal sensitive business information by targeting other users
connected to the system.
Risk Level: Medium
2. Advisory Information
=======================
– Public Release Date: 09/22/2016
– Last Revised: 09/22/2016
– Security Advisory ID:…
Posted by Onapsis Research on Oct 11
Onapsis Security Advisory ONAPSIS-2016-051: SAP Business Objects Memory Corruption
1. Impact on Business
=====================
By exploiting this vulnerability an attacker could hide audit information logged by the SAP system.
Risk Level: Low
2. Advisory Information
=======================
– Public Release Date: 09/22/2016
– Last Revised: 09/22/2016
– Security Advisory ID: ONAPSIS-2016-051
– Onapsis SVS ID: ONAPSIS-00247
– CVE: CVE-2016-7437
-…