An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-30902162. References: Qualcomm QC-CR#1062271.
Monthly Archives: November 2016
CVE-2016-6752 (android)
An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-31498159. References: Qualcomm QC-CR#987051.
CVE-2016-6753 (android)
An information disclosure vulnerability in kernel components, including the process-grouping subsystem and the networking subsystem, in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-30149174.
CVE-2016-6754
A remote code execution vulnerability in Webview in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-05 could enable a remote attacker to execute arbitrary code when the user is navigating to a website. This issue is rated as High due to the possibility of remote code execution in an unprivileged process. Android ID: A-31217937.
How malware and vulnerabilities get their names
You may have heard names like Cryptolocker or Heartbleed and wondered: Who comes up with these names? Why? The next question you may have is: Do all viruses and vulnerabilities get named?
Bugtraq: [SECURITY] [DSA 3723-1] gst-plugins-good1.0 security update
[SECURITY] [DSA 3723-1] gst-plugins-good1.0 security update
Bugtraq: [SECURITY] [DSA 3724-1] gst-plugins-good0.10 security update
[SECURITY] [DSA 3724-1] gst-plugins-good0.10 security update
Bugtraq: Call for Participation – 5th International Conference on Cyber Security, Cyber Welfare and Digital Forensic
Call for Participation – 5th International Conference on Cyber Security, Cyber Welfare and Digital Forensic
Bugtraq: Call for Participation – 5th International Conference on Cyber Security, Cyber Welfare and Digital Forensic
Call for Participation – 5th International Conference on Cyber Security, Cyber Welfare and Digital Forensic
NEW VMSA-2016-0021 VMware product updates address partial information disclosure vulnerability
Posted by VMware Security Response Center on Nov 25
??—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
– —————————————————————————
– –
VMware Security Advisory
Advisory ID: VMSA-2016-0021
Severity: Moderate
Synopsis: VMware product updates address partial information disclosure
vulnerability
Issue date: 2016-11-22
Updated on: 2016-11-22 (Initial Advisory)
CVE number: CVE-2016-5334
1. Summary…