EMC Documentum WebTop and WebTop based client products contain an open redirected vulnerability. Attackers could potentially exploit this vulnerability by supplying crafted URLs to users of the affected application and causing a browser redirect to arbitrary and potentially malicious websites.
2522c718c302be4a8ccf0d96166ebbc62243ca64ca2cd415fa3fec260890c15d
Red Hat Security Advisory 2015-1235-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes two vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security Bulletin APSB15-18 listed in the References section. Two flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content.
4cf10ad07146533c8b547310b7ff129e572328fc4216246e24c559dac2cf24b5
The monthly critical patch for SAP for July, 2015 includes missing authorization checks, information disclosure, and remote code execution vulnerabilities.
33063b36cddb11eba63a949b7e3cac6274e377fdbbdcac57db8364e3c860dd94
Red Hat Security Advisory 2015-1226-01 - Red Hat JBoss Portal is the open source implementation of the Java EE suite of services and Portal services running atop Red Hat JBoss Enterprise Application Platform. It was found that JavaServer Faces PortletBridge-based portlets using GenericPortlet's default resource serving did not restrict access to resources within the web application. An attacker could set the resource ID field of a URL to potentially bypass security constraints and gain access to restricted resources.
0e4761b4c8daaf8d87d38bae55837ec0ec12e07790cf3448f15d6989499fe3db
Cisco Security Advisory - A vulnerability in the HTTP processing module of the Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS) and Cisco Videoscape Distribution Suite Service Broker (VDS-SB) could allow an unauthenticated, remote attacker to cause a reload of the affected device. The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by sending a crafted HTTP request to a vulnerable device. An exploit could allow the attacker to cause a denial of service (DoS) condition. There is no workaround that mitigates this vulnerability. Cisco has released software updates that address this vulnerability for Cisco VDS-IS.
3ecacdced53de5553a300e3b75f9f1fe8fb79700ac09feb0dfabd419ea98b652
Ubuntu Security Notice 2656-2 - USN-2656-1 fixed vulnerabilities in Firefox for Ubuntu 14.04 LTS and later releases. This update provides the corresponding update for Ubuntu 12.04 LTS. Karthikeyan Bhargavan discovered that NSS incorrectly handled state transitions for the TLS state machine. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to skip the ServerKeyExchange message and remove the forward-secrecy property. Looben Yan discovered 2 use-after-free issues when using XMLHttpRequest in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
328cec1a37ec3067650890b309d1dd0a9ac8e5ee91e22185327112346ae999c2
Red Hat Security Advisory 2015-1230-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. A flaw was found in the way the Libraries component of OpenJDK verified Online Certificate Status Protocol responses. An OCSP response with no nextUpdate date specified was incorrectly handled as having unlimited validity, possibly causing a revoked X.509 certificate to be interpreted as valid.
7517a9e6d94cdc1cd64799e406750d0680e354b46859f1efd2e8114dcf35d4d2
Red Hat Security Advisory 2015-1229-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. A flaw was found in the way the Libraries component of OpenJDK verified Online Certificate Status Protocol responses. An OCSP response with no nextUpdate date specified was incorrectly handled as having unlimited validity, possibly causing a revoked X.509 certificate to be interpreted as valid.
d5875237c2fae7485fec92ae42358fcdf27396081fe6248111746b82dd5ad316
Red Hat Security Advisory 2015-1228-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. A flaw was found in the way the Libraries component of OpenJDK verified Online Certificate Status Protocol responses. An OCSP response with no nextUpdate date specified was incorrectly handled as having unlimited validity, possibly causing a revoked X.509 certificate to be interpreted as valid.
677ba73488a04d18a8c2e819c58aa77b061d9a2f573c08cfeb2da6786c091f7f
Red Hat Security Advisory 2015-1221-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the way the Linux kernel's virtual console implementation handled reference counting when accessing pseudo-terminal device files. A local, unprivileged attacker could use this flaw to crash the system. It was found that the Linux kernel's ping socket implementation did not properly handle socket unhashing during spurious disconnects, which could lead to a use-after-free flaw. On x86-64 architecture systems, a local user able to create ping sockets could use this flaw to crash the system. On non-x86-64 architecture systems, a local user able to create ping sockets could use this flaw to escalate their privileges on the system.
8394d513775323a5411dce831989986059917715783fc2505ddab157a8940038
Apache Groovy versions 1.7.0 through 2.4.3 suffer from a code execution vulnerability.
ba3362ad045e055e508294087e6389c8708ee8327d2b1bc0df1c1fa28f01120b
This bulletin summary lists fourteen released Microsoft security bulletins for July, 2015.
8846e631019c9c27b9e49707cf73f66afafc8dd343cb067448190ad97abcbb4e
Panda Kernel Memory Access Driver does not validate the size of data to be copied to both an allocated kernel paged pool buffer and to an allocated non-paged pool buffer. Furthermore, the attacker has control over the start-to-copy index regarding the non-paged pool buffer which allows an attacker to corrupt a kernel object with more precision, and control the EIP via a hijacked function pointer.
017a81162eb94fe7a9a71b19ac47e7b58ea849b57dcaba936c68c4e615a3aa90
The SAP Afaria Windows client software installs with weak default permissions that grant read and write permissions to the Everyone group to the install folder. Versions 7.0.6398.0 is affected.
f55a7dc136213d822d2d50e86eefeb0e200654f4242fdea8ec5a678e31edaa9e
SAP ECC uses binaries that are executed with elevated privileges (SetGID and SetUID programs) that have been compiled in manner that means they searched for libraries in insecure locations.
dda76ea46a15e7f7868621a6ca1e393d8ba4ac5999ea0d317aec6164f94be550
The AjaxControlToolkit prior to version 15.1 has a file upload directory traversal vulnerability which on a poorly configured web server can lead to remote code execution.
3ecb8a9a5021d70b1e7c79052e7ca74b09b23fe34ddae56eae4bc7ed860ab73e
Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues.
7314c7a33e39371cd2b97e6ad6effe66cd46811ce446554bda0d310bfd83be12
HP Security Bulletin HPSBGN03373 1 - A potential security vulnerability has been identified with HP Release Control running TLS. This is the TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as "Logjam" which could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.
9532c8a022d376f659baa52d890981f1f1358dc02fa56962081e976cb6066ed3
Gentoo Linux Security Advisory 201507-12 - A buffer overflow in libcapsinetwork might allow remote attackers to cause a Denial of Service condition. Versions less than or equal to 0.3.0-r2 are affected.
5fb5a58f4fae0e9dba89d238c09be2da5ea04a2943f6cea57669b04da0f85b27
Cisco Security Advisory - On July 9, 2015, the OpenSSL Project released a security advisory detailing a vulnerability affecting applications that verify certificates, including SSL/Transport Layer Security (TLS)/Datagram Transport Layer Security (DTLS) clients and SSL/TLS/DTLS servers using client authentication. Multiple Cisco products incorporate a version of the OpenSSL package affected by this vulnerability that could allow an unauthenticated, remote attacker to cause certain checks on untrusted certificates to be bypassed, enabling the attacker to forge "trusted" certificates that could be used to conduct man-in-the-middle attacks. This advisory will be updated as additional information becomes available. Cisco will release free software updates that address this vulnerability. Workarounds that mitigate this vulnerability may be available.
b00d4f207b2edb22f7df504b7389d626043cb87f2549ce15cfca0d8bf3663841
HP Security Bulletin HPSBGN03351 2 - Potential security vulnerabilities have been identified with HP IceWall SSO Dfw, SSO Certd, MCRP, and Federation Agent running OpenSSL. This is the TLS vulnerability known as "Logjam", which could be exploited remotely to allow disclosure of information. Revision 2 of this advisory.
efbbe900de77885962b7c89379556a0ec45f4e5d0323c0974920b8e625855f20
Panda Kernel Memory Access Driver does not validate the size of data to be copied to both an allocated kernel paged pool buffer and to an allocated non-paged pool buffer. Furthermore, the attacker has control over the start-to-copy index regarding the non-paged pool buffer which allows an attacker to corrupt a kernel object with more precision, and control the EIP via a hijacked function pointer. Version 1.0.0.13 is affected.
eab4ee724270c93a18fa3a73a94be01509bfed60588585695b11e21975000fa3
FreeBSD Security Advisory - During certificate verification, OpenSSL will attempt to find an alternative certificate chain if the first attempt to build such a chain fails, unless the application explicitly specifies X509_V_FLAG_NO_ALT_CHAINS. An error in the implementation of this logic could erroneously mark certificate as trusted when they should not. An attacker could cause certain checks on untrusted certificates, such as the CA (certificate authority) flag, to be bypassed, which would enable them to use a valid leaf certificate to act as a CA and issue an invalid certificate.
7506aba3461e8c1915436a9531f38abc96e09fee2b93caefa87da64dce1a32d3
VMware Security Advisory 2015-0005 - VMware Workstation, Player, and Horizon View Client for Windows updates address a host privilege escalation vulnerability.
59a3124a6a1edf44fcbd19fea4a8569a864b53e76d75f7d23cf7672bccf89777
Gentoo Linux Security Advisory 201507-15 - Certain checks on untrusted certificates can be bypassed. Versions less than 1.0.1p are affected.
a2cdd3e13ff08aecad86dae1e1117c6751bff280917deb2d2154138c8a75ffa1