MS16-023 – Critical: Cumulative Security Update for Internet Explorer (3142015) – Version: 1.0

2016-03-08 KENNETH 0

Severity Rating: Critical

Revision Note: V1.0 (March 8, 2016): Bulletin published.

Summary: This security update resolves vulnerabilities in Internet Explorer. The more severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Source: MS16-023 – Critical: Cumulative Security Update for Internet Explorer (3142015) – Version: 1.0

USN-2915-3: Django regression

2016-03-08 KENNETH 0

Ubuntu Security Notice USN-2915-3, 7th March, 2016

python-django regression

A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10, Ubuntu 14.04 LTS

Summary: USN-2915-1 introduced a regression in Django.

Software description: python-django – High-level Python web development framework

Details: USN-2915-1 fixed vulnerabilities in Django. The upstream fix for CVE-2016-2512 introduced a regression for certain applications. This update fixes the problem by applying the complete upstream regression fix.

Original advisory details: Mark Striemer discovered that Django incorrectly handled user-supplied redirect URLs containing basic authentication credentials. A remote attacker could possibly use this issue to perform a cross-site scripting attack or a malicious redirect. (CVE-2016-2512)

Sjoerd Job Postmus discovered that Django incorrectly handled timing when doing password hashing operations. A remote attacker could possibly use this issue to perform user enumeration. (CVE-2016-2513)

Update instructions: The problem can be [ more… ]

USN-2921-1: Squid vulnerabilities

2016-03-07 KENNETH 0

Ubuntu Security Notice USN-2921-1, 7th March, 2016

squid3 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10, Ubuntu 14.04 LTS, Ubuntu 12.04 LTS

Summary: Several security issues were fixed in Squid.

Software description: squid3 – Web proxy cache server

Details: Sebastian Krahmer discovered that Squid incorrectly handled certain SNMP requests. If SNMP is enabled, a remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2014-6270)

Alex Rousskov discovered that Squid incorrectly handled certain malformed responses. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2016-2571)

Update instructions: The problem can be corrected by updating your system to the following package version:

Ubuntu 15.10: squid3 3.3.8-1ubuntu16.2
Ubuntu 14.04 LTS: squid3 3.3.8-1ubuntu6.6
Ubuntu 12.04 LTS: squid3 [ more… ]

USN-2915-2: Django regression

2016-03-07 KENNETH 0

Ubuntu Security Notice USN-2915-2, 7th March, 2016

python-django regression

A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10, Ubuntu 14.04 LTS

Summary: USN-2915-1 introduced a regression in Django.

Software description: python-django – High-level Python web development framework

Details: USN-2915-1 fixed vulnerabilities in Django. The upstream fix for CVE-2016-2512 introduced a regression for certain applications. This update fixes the problem.

Original advisory details: Mark Striemer discovered that Django incorrectly handled user-supplied redirect URLs containing basic authentication credentials. A remote attacker could possibly use this issue to perform a cross-site scripting attack or a malicious redirect. (CVE-2016-2512)

Sjoerd Job Postmus discovered that Django incorrectly handled timing when doing password hashing operations. A remote attacker could possibly use this issue to perform user enumeration. (CVE-2016-2513)

Update instructions: The problem can be corrected by updating your system to the [ more… ]