Security News

Vuln: Rockwell Automation ControlLogix ICSA-19-120-01 Multiple Buffer Overflow Vulnerabilities

Security Focus Vulnerabilities - 29 April, 2019 - 23:00
Rockwell Automation ControlLogix ICSA-19-120-01 Multiple Buffer Overflow Vulnerabilities

Vuln: ImageMagick CVE-2019-10131 Denial of Service Vulnerability

Security Focus Vulnerabilities - 29 April, 2019 - 23:00
ImageMagick CVE-2019-10131 Denial of Service Vulnerability

[SECURITY] [DSA 4436-1] imagemagick security update

Bug Traq - 29 April, 2019 - 02:42

Posted by Moritz Muehlenhoff on Apr 29

-------------------------------------------------------------------------
Debian Security Advisory DSA-4436-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
April 28, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : imagemagick
CVE ID : CVE-2019-9956 CVE-2019-10650...

[SECURITY] [DSA 4435-1] libpng1.6 security update

Bug Traq - 29 April, 2019 - 02:38

Posted by Salvatore Bonaccorso on Apr 29

-------------------------------------------------------------------------
Debian Security Advisory DSA-4435-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
April 27, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : libpng1.6
CVE ID : CVE-2019-7317
Debian Bug :...

[slackware-security] bind (SSA:2019-116-01)

Bug Traq - 29 April, 2019 - 02:34

Posted by Slackware Security Team on Apr 29

[slackware-security] bind (SSA:2019-116-01)

New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/bind-9.11.6_P1-i586-1_slack14.2.txz: Upgraded.
This update fixes a security issue:
The TCP client quota set using the tcp-clients option could be exceeded
in some cases. This could lead to...

Vuln: ImageMagick Multiple Heap Buffer Overflow Vulnerabilities

Security Focus Vulnerabilities - 28 April, 2019 - 23:00
ImageMagick Multiple Heap Buffer Overflow Vulnerabilities

Re: GAT-Ship Web Module [All versions before 1.40] - Unrestricted File Upload

Full Disclosure - 26 April, 2019 - 12:00

Posted by gionreale on Apr 26

CVE-2019-11028

Vuln: Ghostscript Multiple Security Bypass Vulnerabilities

Security Focus Vulnerabilities - 25 April, 2019 - 23:00
Ghostscript Multiple Security Bypass Vulnerabilities

Vuln: Ghostscript CVE-2018-18284 Security Bypass Vulnerability

Security Focus Vulnerabilities - 25 April, 2019 - 23:00
Ghostscript CVE-2018-18284 Security Bypass Vulnerability

Vuln: Ghostscript 'shading_param' Remote Code Execution Vulnerability

Security Focus Vulnerabilities - 25 April, 2019 - 23:00
Ghostscript 'shading_param' Remote Code Execution Vulnerability

Vuln: Atlassian Confluence Server and Confluence Data Center Directory Traversal Vulnerability

Security Focus Vulnerabilities - 25 April, 2019 - 23:00
Atlassian Confluence Server and Confluence Data Center Directory Traversal Vulnerability

Multiple vulnerabilities in Sony Smart TVs

Bug Traq - 24 April, 2019 - 03:39

Posted by xen1thLabs on Apr 24

UNCLASSIFIED

## ADVISORY INFORMATION

TITLE: Multiple vulnerabilities in Sony Smart TVs
ADVISORY URL:
https://www.darkmatter.ae/blogs/security-flaws-uncovered-in-sony-smart-tvs/
DATE PUBLISHED: 23/04/2019
AFFECTED VENDORS: Sony
RELEASE MODE: Coordinated release
CVE: CVE-2019-10886, CVE-2019-11336
CVSSv3 for CVE-2019-10886: 6.5 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVSSv3 for CVE-2019-11336: 6.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

## PRODUCT...

Confluence Security Advisory - 2019-04-17

Bug Traq - 24 April, 2019 - 03:34

Posted by Atlassian on Apr 24

This email refers to the advisory found at
https://confluence.atlassian.com/x/d5e8OQ .

CVE ID:

* CVE-2019-3398.

Product: Confluence Server and Confluence Data Center.

Affected Confluence Server and Confluence Data Center versions:

6.6.0 <= version < 6.6.13
6.7.0 <= version < 6.12.4
6.13.0 <= version < 6.13.4
6.14.0 <= version < 6.14.3
6.15.0 <= version < 6.15.2

Fixed Confluence Server and Data Center versions:...

Multiple vulnerabilities in Sony Smart TVs

Full Disclosure - 23 April, 2019 - 12:26

Posted by xen1thLabs on Apr 23

UNCLASSIFIED

## ADVISORY INFORMATION

TITLE: Multiple vulnerabilities in Sony Smart TVs
ADVISORY URL:
https://www.darkmatter.ae/blogs/security-flaws-uncovered-in-sony-smart-tvs/
DATE PUBLISHED: 23/04/2019
AFFECTED VENDORS: Sony
RELEASE MODE: Coordinated release
CVE: CVE-2019-10886, CVE-2019-11336
CVSSv3 for CVE-2019-10886: 6.5 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVSSv3 for CVE-2019-11336: 6.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

## PRODUCT...

Re: Obtaining location using Google maps & JavaScript

Full Disclosure - 23 April, 2019 - 12:25

Posted by Reed Black on Apr 23

Have you tested this?

The Google Maps page header includes "x-frame-options: SAMEORIGIN” which would prevent iframe embedding in every
commonly used browser. But even if this control were not in place, browsers implement additional controls. Most
significantly, if the page to be embedded in an iframe is on a remote domain, then the parent page is prevented from
inspecting iframe content and metadata unless permissions are granted by...

WordPress Plugin Contact Form Builder [CSRF → LFI]

Full Disclosure - 23 April, 2019 - 12:23

Posted by Panagiotis Vagenas on Apr 23

# Exploit Title: Contact Form Builder [CSRF → LFI]
# Date: 2019-03-17
# Exploit Author: Panagiotis Vagenas
# Vendor Homepage: http://web-dorado.com/
# Software Link: https://wordpress.org/plugins/contact-form-builder
# Version: 1.0.67
# Tested on: WordPress 5.1.1

Description
-----------

Plugin implements the following AJAX actions:

- `ContactFormMakerPreview`
- `ContactFormmakerwdcaptcha`
- `nopriv_ContactFormmakerwdcaptcha`
- `CFMShortcode`...

SPECTRE

Daily Dave - 16 April, 2019 - 10:57

Posted by Dave Aitel on Apr 16

There's a bunch of stuff in the new SPECTRE CANVAS Module for Windows that
I can't go into, partially to avoid boring a large segment of this mailing
list with implementation details, and partially because everyone should
just buy CANVAS and read the code. :)

But one thing I think people forget is that in back in the day when
everyone wrote 0day you'd often see months get spent on one bug, often from
multiple teams who solved the...

The Gods of Malice

Daily Dave - 15 April, 2019 - 10:12

Posted by Dave Aitel on Apr 15

So if you have not, I highly recommend watching the first two episodes of
our INFILTRATE 2019 series:

https://vimeo.com/322257258 (Part 1: XANADU)
https://vimeo.com/329589102 (Part 2: Rise of the Demiurge)

One major thing Infiltrate does differently is the Dry Runs that we have
every speaker do. There are a lot of advantages to this but one advantage
of watching every talk over two weeks time and thinking hard to provide
good feedback is that...

CALL FOR PAPERS - Hackers 2 Hackers Conference 16th edition

Daily Dave - 11 April, 2019 - 08:56

Posted by Rodrigo Rubira Branco (BSDaemon) on Apr 11

CALL FOR PAPERS - Hackers 2 Hackers Conference 16th edition

The call for papers for H2HC 16th edition is now open. H2HC is a hacker
conference taking place in Sao Paulo, Brazil, on 26th and 27th of
October 2019.

[ - INTRODUCTION - ]

For another consecutive year and past success we have been having, the
annual Hackers 2 Hackers Conference will be held again in Sao Paulo,
on 26 and 27 of october of 2019 and aims to get together industry,...

Re: CVSS is the worst compression algorithm ever

Daily Dave - 11 April, 2019 - 08:54

Posted by Christian Heinrich on Apr 11

Dave,

For the record, Bruce from https://www.first.org/members/teams/oracle
represented their feedback to cvss-sig () lists first org

Please refer to the "Addition Of Partial+ Rating" section of
https://www.oracle.com/technetwork/topics/security/cvssscoringsystem-091884.html
under "CVSS Version 2.0" heading.

Please refer to "3.7. Vulnerability Chaining" section of
https://www.first.org/cvss/user-guide
Syndicate content