Security News

X41 D-Sec GmbH Security Advisory X41-2019-002: Heap-based buffer overflow in Thunderbird

Full Disclosure - 14 June, 2019 - 14:25

Posted by X41 D-Sec GmbH Advisories on Jun 14

X41 D-Sec GmbH Security Advisory: X41-2019-002

Heap-based buffer overflow in Thunderbird
=========================================
Severity Rating: High
Confirmed Affected Versions: All versions affected
Confirmed Patched Versions: Thunderbird ESR 60.7.XXX
Vendor: Thunderbird
Vendor URL: https://www.thunderbird.net/
Vendor Reference: https://bugzilla.mozilla.org/show_bug.cgi?id=1553820
Vector: Incoming mail with calendar attachment
Credit: X41...

X41 D-Sec GmbH Security Advisory X41-2019-001: Heap-based buffer overflow in Thunderbird

Full Disclosure - 14 June, 2019 - 14:25

Posted by X41 D-Sec GmbH Advisories on Jun 14

X41 D-Sec GmbH Security Advisory: X41-2019-001

Heap-based buffer overflow in Thunderbird
=========================================
Severity Rating: High
Confirmed Affected Versions: All versions affected
Confirmed Patched Versions: Thunderbird ESR 60.7.XXX
Vendor: Thunderbird
Vendor URL: https://www.thunderbird.net/
Vendor Reference: https://bugzilla.mozilla.org/show_bug.cgi?id=1553814
Vector: Incoming mail with calendar attachment
Credit: X41...

[SE-2019-01] Java Card vulnerabilities (post shutdown release)

Full Disclosure - 14 June, 2019 - 04:59

Posted by Adam Gowdiak on Jun 14

Hello All,

Original reports that were submitted to Oracle and Gemalto have been
posted to Security Explorations website:

http://www.security-explorations.com/javacard_details.html

This should help all interested parties to proceed with an independent
evaluation of the issues, but also judge Oracle and Gemalto stance with
respect to them.

Thank you.

Best Regards,
adam gowdiak

X41 D-Sec GmbH Security Advisory X41-2019-004: Type confusion in Thunderbird

Bug Traq - 14 June, 2019 - 01:13

Posted by X41 D-Sec GmbH Advisories on Jun 13

X41 D-Sec GmbH Security Advisory: X41-2019-004

Type confusion in Thunderbird
=============================
Severity Rating: Medium
Confirmed Affected Versions: All versions affected
Confirmed Patched Versions: Thunderbird ESR 60.7.XXX
Vendor: Thunderbird
Vendor URL: https://www.thunderbird.net/
Vendor Reference: https://bugzilla.mozilla.org/show_bug.cgi?id=1555646
Vector: Incoming mail with calendar attachment
Credit: X41 D-SEC GmbH, Luis Merino...

[slackware-security] mozilla-thunderbird (SSA:2019-164-01)

Bug Traq - 14 June, 2019 - 01:13

Posted by Slackware Security Team on Jun 13

[slackware-security] mozilla-thunderbird (SSA:2019-164-01)

New mozilla-thunderbird packages are available for Slackware 14.2 and -current
to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/mozilla-thunderbird-60.7.1-i686-1_slack14.2.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...

X41 D-Sec GmbH Security Advisory X41-2019-003: Stack-based buffer overflow in Thunderbird

Bug Traq - 14 June, 2019 - 01:12

Posted by X41 D-Sec GmbH Advisories on Jun 13

X41 D-Sec GmbH Security Advisory: X41-2019-003

Stack-based buffer overflow in Thunderbird
==========================================
Severity Rating: High
Confirmed Affected Versions: All versions affected
Confirmed Patched Versions: Thunderbird ESR 60.7.XXX
Vendor: Thunderbird
Vendor URL: https://www.thunderbird.net/
Vendor Reference: https://bugzilla.mozilla.org/show_bug.cgi?id=1553808
Vector: Incoming mail with calendar attachment
Credit: X41...

X41 D-Sec GmbH Security Advisory X41-2019-002: Heap-based buffer overflow in Thunderbird

Bug Traq - 14 June, 2019 - 01:09

Posted by X41 D-Sec GmbH Advisories on Jun 13

X41 D-Sec GmbH Security Advisory: X41-2019-002

Heap-based buffer overflow in Thunderbird
=========================================
Severity Rating: High
Confirmed Affected Versions: All versions affected
Confirmed Patched Versions: Thunderbird ESR 60.7.XXX
Vendor: Thunderbird
Vendor URL: https://www.thunderbird.net/
Vendor Reference: https://bugzilla.mozilla.org/show_bug.cgi?id=1553820
Vector: Incoming mail with calendar attachment
Credit: X41...

X41 D-Sec GmbH Security Advisory X41-2019-001: Heap-based buffer overflow in Thunderbird

Bug Traq - 14 June, 2019 - 01:00

Posted by X41 D-Sec GmbH Advisories on Jun 13

X41 D-Sec GmbH Security Advisory: X41-2019-001

Heap-based buffer overflow in Thunderbird
=========================================
Severity Rating: High
Confirmed Affected Versions: All versions affected
Confirmed Patched Versions: Thunderbird ESR 60.7.XXX
Vendor: Thunderbird
Vendor URL: https://www.thunderbird.net/
Vendor Reference: https://bugzilla.mozilla.org/show_bug.cgi?id=1553814
Vector: Incoming mail with calendar attachment
Credit: X41...

[SECURITY] [DSA 4462-1] dbus security update

Bug Traq - 14 June, 2019 - 00:56

Posted by Salvatore Bonaccorso on Jun 13

-------------------------------------------------------------------------
Debian Security Advisory DSA-4462-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
June 13, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : dbus
CVE ID : CVE-2019-12749
Debian Bug :...

X41 D-Sec GmbH Security Advisory X41-2019-001: Heap-based buffer overflow in Thunderbird

Bug Traq - 14 June, 2019 - 00:53

Posted by X41 D-Sec GmbH Advisories on Jun 13

X41 D-Sec GmbH Security Advisory: X41-2019-001

Heap-based buffer overflow in Thunderbird
=========================================
Severity Rating: High
Confirmed Affected Versions: All versions affected
Confirmed Patched Versions: Thunderbird ESR 60.7.XXX
Vendor: Thunderbird
Vendor URL: https://www.thunderbird.net/
Vendor Reference: https://bugzilla.mozilla.org/show_bug.cgi?id=1553814
Vector: Incoming mail with calendar attachment
Credit: X41...

SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series

Bug Traq - 13 June, 2019 - 06:30

Posted by SEC Consult Vulnerability Lab on Jun 13

SEC Consult Vulnerability Lab Security Advisory < 20190612-0 >
=======================================================================
title: Multiple vulnerabilities
product: WAGO 852 Industrial Managed Switch Series
vulnerable version: 852-303: <v1.2.2.S0
852-1305: <v1.1.6.S0
852-1505: <v1.1.5.S0
fixed version: 852-303: v1.2.2.S0...

SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series

Full Disclosure - 13 June, 2019 - 01:01

Posted by SEC Consult Vulnerability Lab on Jun 12

SEC Consult Vulnerability Lab Security Advisory < 20190612-0 >
=======================================================================
title: Multiple vulnerabilities
product: WAGO 852 Industrial Managed Switch Series
vulnerable version: 852-303: <v1.2.2.S0
852-1305: <v1.1.6.S0
852-1505: <v1.1.5.S0
fixed version: 852-303: v1.2.2.S0...

Vuln: Apache HTTP Server CVE-2019-0220 Remote Security Vulnerability

Security Focus Vulnerabilities - 12 June, 2019 - 23:00
Apache HTTP Server CVE-2019-0220 Remote Security Vulnerability

Vuln: Apache HTTP Server CVE-2019-0197 Denial of Service Vulnerability

Security Focus Vulnerabilities - 12 June, 2019 - 23:00
Apache HTTP Server CVE-2019-0197 Denial of Service Vulnerability

Vuln: Apache httpd CVE-2019-0196 Security Bypass Vulnerability

Security Focus Vulnerabilities - 12 June, 2019 - 23:00
Apache httpd CVE-2019-0196 Security Bypass Vulnerability

Vuln: RETIRED: Microsoft Windows Task Scheduler CVE-2019-1069 Local Privilege Escalation Vulnerability

Security Focus Vulnerabilities - 12 June, 2019 - 23:00
RETIRED: Microsoft Windows Task Scheduler CVE-2019-1069 Local Privilege Escalation Vulnerability

Vuln: Microsoft Windows CVE-2019-1064 Local Privilege Escalation Vulnerability

Security Focus Vulnerabilities - 12 June, 2019 - 23:00
Microsoft Windows CVE-2019-1064 Local Privilege Escalation Vulnerability

Vuln: Microsoft Windows Shell CVE-2019-1053 Local Privilege Escalation Vulnerability

Security Focus Vulnerabilities - 12 June, 2019 - 23:00
Microsoft Windows Shell CVE-2019-1053 Local Privilege Escalation Vulnerability

Vuln: Microsoft Windows Installer CVE-2019-0973 DLL Loading Local Privilege Escalation Vulnerability

Security Focus Vulnerabilities - 12 June, 2019 - 23:00
Microsoft Windows Installer CVE-2019-0973 DLL Loading Local Privilege Escalation Vulnerability

Vuln: Microsoft Windows 'SetJobFileSecurityByName()' Function Local Privilege Escalation Vulnerability

Security Focus Vulnerabilities - 12 June, 2019 - 23:00
Microsoft Windows 'SetJobFileSecurityByName()' Function Local Privilege Escalation Vulnerability
Syndicate content