Gentoo Linux Security Advisory 201612-2 - A vulnerability in DavFS2 allows local users to gain root privileges. Versions less than 1.5.2 are affected.
d0568f03ffe49f3c81a6c0e574c71ad92049b22ec3a89222a80394850b94ea44Gentoo Linux Security Advisory 201612-1 - Due to a design flaw, the output of GnuPG's Random Number Generator (RNG) is predictable. Versions less than 1.4.21 are affected.
37fe9de631962cfd3e2975a9e2c328624e54229c467b32de7b2928980e4dd247Ubuntu Security Notice 3148-1 - Tavis Ormandy discovered multiple vulnerabilities in the way that Ghostscript processes certain Postscript files. If a user or automated system were tricked into opening a specially crafted file, an attacker could cause a denial of service or possibly execute arbitrary code. Multiple vulnerabilities were discovered in Ghostscript related to information disclosure. If a user or automated system were tricked into opening a specially crafted file, an attacker could expose sensitive data. Various other issues were also addressed.
305ddd517930ecd6045f507192a90f2665deb323a20c8dbdc27d875d6773af78Xfinity Gateway suffers from a remote code execution vulnerability.
cc2e0c44b8e4b910eb49b488cffc9d37540e885ee41ea2747fd9417e765cbde8The code in IOMXNodeInstance.cpp that handles enableNativeBuffers uses port_index without validation, leading to writing the dword value 0 or 1 at an attacker controlled offset from the IOMXNodeInstance structure.
72e3f04c0dccca9d11b30c786b9e44b6ad70abc4202d48d377b62972e3b859afAs of Android Nougat, a new set of SELinux rules have been added which are designed to prevent system_server from loading arbitrary code into its address-space. However, as system_server is extremely privileged, there are a few vectors through which it may still load arbitrary code, thus bypassing the mitigation mentioned above.
24c10a0d6f4d42cf96eb11a1f2c3700f98a0275e04324e2cd9fff3a0af399fedNagios versions 2.x through 4.x suffer from a local privilege escalation vulnerability.
bb350a71b3261a164e4de72b3a02f190a730e7f19f0ddd7d80d3a5d441e96e5fThis Metasploit module will bypass Windows UAC by hijacking a special key in the Registry under the current user hive, and inserting a custom command that will get invoked when the Windows Event Viewer is launched. It will spawn a second shell that has the UAC flag turned off. This Metasploit module modifies a registry key, but cleans up the key once the payload has been invoked. The module does not require the architecture of the payload to match the OS. If specifying EXE::Custom your DLL should call ExitProcess() after starting your payload in a separate process.
9f324275d7747e6056b99457eba72507d809e7fdc4d2bbdb300c55c482595517Red Hat Security Advisory 2016-2847-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Security Fix: A flaw was found in the way Ceph Object Gateway handles POST object requests. An authenticated attacker could launch a denial of service attack by sending null or specially crafted POST object requests.
ff9c3b0b4c89fdbb1b7c3f5a73cab03f16ebe37f730bfc97ef17ae59fb8263dfRed Hat Security Advisory 2016-2848-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Security Fix: A flaw was found in the way Ceph Object Gateway handles POST object requests. An authenticated attacker could launch a denial of service attack by sending null or specially crafted POST object requests.
0b013de12e046716e6f70eec15d7f4db2d9281b003c28e8fb4e959f101e5e910Ubuntu Security Notice 3133-1 - Multiple security vulnerabilities were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to obtain sensitive information, cause a denial of service via application crash, or execute arbitrary code. A heap-corruption issue was discovered in FFmpeg. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.
b72eb93d45742e189c07842398f2e7ce91e07a40811ab584bed196e1403a29b6Red Hat Security Advisory 2016-2843-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.5.1 ESR. Security Fix: A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.
435dfe9352257dc57f397cc39e899cbaf3481b14535753a62444cd16c0d57442NorthSec 2017 has announced its Call For Papers. It will be held in Montreal, Canada, from May 16th through the 21st, 2017.
b96ddf41d13f35bae43aefe3e136d68c0367cab0fd13f28b12942b127f3ba702Opera suffers from a foreignObject textNode::removeChild use-after-free vulnerability.
9cc42e69eae1ca521e8968289d7d5db932201ee29bd95e6b3b41610ffbe6890cMicrosoft Edge has an information leak in JSON.parse. If this function is called with a reviver, and the reviver modifies the output object to contain a native array, the Walk function assumes that this array is a Var array, and writes pointers to it. These pointers can then be read out of the array by script.
28aba0b72143b7ea7aebe7de276ebb7d83f377a03b421526aea18446883104b0Because of a design bug in IOMX, the user-supplied sizes in the GET_PARAMETER and SET_PARAMETER calls ar e discarded before calling in to the responsible OMX code-paths. This has led to a variety of overflow-type bugs.
245303f62a985e2c7f94eea5fb4db0d07c7e4c06a7618c0e4bce59602d707a4cBitmap objects can be passed between processes by flattening them to a Parcel in one process and un-flattening them in another. In order to conserve memory, there exists a code path which allows Bitmaps to be shared between processes by providing an ashmem-mapped file descriptor containing the Bitmap's raw pixel data. The android.graphics.Bitmap class illegally assumes that the size of the ashmem region provided by the user matches the actual underlying size of the Bitmap.
043a3329589da90bcd2c6c0063a9bb264211f6a7b9a85049fc1e91ac861f231eA specially crafted web-page can trigger a memory corruption vulnerability in Microsoft Edge.
6ba927cdd17ccd5b55048e77c1cd5525162f01de3ee491858224ceb7d2258621
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed