[webapps / 0day] – Car Portal CMS v3.0 – Multiple Vulnerabilities
Continue Reading: [webapps / 0day] –...
Ubuntu Security Notice USN-1419-1
Ubuntu Security Notice 1419-1 - It was discovered that Puppet used a predictable filename when downloading Mac OS X package files. A local attacker could exploit this to overwrite arbitrary files.
Secunia Security Advisory 48648
Secunia Security Advisory - Apple has issued an update for Java for Mac OS X. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
Secunia Security Advisory 48454
Secunia Security Advisory - David Vieira-Kurz has discovered a vulnerability in Apple iOS, which can be exploited by malicious people to conduct spoofing attacks.
Secunia Security Advisory 48377
Secunia Security Advisory - Multiple vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, bypass certain security restrictions, disclose certain sensitive information, and compromise a user's system.
Secunia Security Advisory 48288
Secunia Security Advisory - A weakness and multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people with physical access to bypass certain security restrictions and by malicious people to disclose sensitive information, conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's device.
Secunia Security Advisory 48289
Secunia Security Advisory - A vulnerability has been reported in Apple TV, which can be exploited by malicious people to potentially compromise a vulnerable system.
Secunia Security Advisory 48274
Secunia Security Advisory - Multiple vulnerabilities have been reported in Apple iTunes, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory 44976
Secunia Security Advisory - Krystian Kloskowski has discovered a vulnerability in Apple Safari, which can be exploited by malicious people to conduct spoofing attacks.
Zero Day Initiative Advisory 12-005
Zero Day Initiative Advisory 12-05 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application decodes video samples encoded with the RLE codec.