OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution
>> TAG: #Security
OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution
Vtiger CRM 5.4.0 (index.php, onlyforuser param) – SQL Injection
http://www.namorbun.go.th notified by Iran Security Team
Apple Security Advisory 2013-09-18-3 – Xcode 5.0 is now available and addresses a security issue in Git. When using the imap-send command, git did not verify that the server hostname matched a domain name in the X.509 certificate, which allowed a man-in-the-middle attacker to spoof SSL servers via an arbitrary valid certificate. This issue was addressed by updating git to version 1.8.3.1.
Apple Security Advisory 2013-09-18-2 – iOS 7 is now available and addresses Certificate Trust Policy, Core Graphics, Core Media, Data Protection, and various other issues and vulnerabilities.
Wordpress Plugin Complete Gallery Manager 3.3.3 – Arbitrary File Upload Vulnerability
TeraCopy 2.3 (default.mo) Language File Integer Overflow Vulnerability
Apple Security Advisory 2013-09-17-1 – OS X Server v2.2.2 is now available and addresses issues in ClamAV, PostgreSQL, and Wiki Server.
Vino VNC Server 3.7.3 – Persistent Denial of Service
HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload