Debian Linux Security Advisory 5150-1 - Peter Agten discovered that several modules for TCP syslog reception in rsyslog, a system and kernel logging daemon, have buffer overflow flaws when octet-counted framing is used, which could result in denial of service or potentially the execution of arbitrary code.
e4778e769832dd9146a37a7c1719d90772ee712460dc84d2d00fa1c1d0f9272eDebian Linux Security Advisory 5151-1 - Several security vulnerabilities have been discovered in smarty3, the compiling PHP template engine. Template authors are able to run restricted static php methods or even arbitrary PHP code by crafting a malicious math string or by choosing an invalid {block} or {include} file name. If a math string was passed through as user provided data to the math function, remote users were able to run arbitrary PHP code as well.
00378c9d45f203438ba46e8abbade7d4910a9331f6e4759dd22f7f3cc948f369Debian Linux Security Advisory 5152-1 - It was discovered that SPIP, a website engine for publishing, would allow a malicious user to perform cross-site scripting attacks.
dea8a4d186b3ba2374c2c35f162c853daba79271121331f7a2311b97adb1151cDebian Linux Security Advisory 5153-1 - Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in HTTP request smuggling or MITM attacks.
389b35955d8c0fde96ec34613a1833bbb3753f489c93840f576b033f9eafa474Debian Linux Security Advisory 5111-1 - Danilo Ramos discovered that incorrect memory handling in zlib's deflate handling could result in denial of service or potentially the execution of arbitrary code if specially crafted input is processed.
ba6926a46bb89ee8eb52bf8c72d4648d9660025bcded3da4a338ff191d9efb54Debian Linux Security Advisory 5112-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
9776079ada49ba8f7c9d6ba0d51c701c250dd2c1ac8cf18f0e3da5410734ac90Debian Linux Security Advisory 5113-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing.
01611edf9c74c2d6fccfdcd693008805cc537c88a217d53db609de1c1966d64fDebian Linux Security Advisory 5114-1 - Sergei Glazunov discovered a security issue in Chromium, which could result in the execution of arbitrary code if a malicious website is visited.
30ddf7ca17607e5fbb34e38e0e85d5f92274270cdc296fc9315189d39313a87aDebian Linux Security Advisory 5115-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine.
f70de87352ec6b6237797d8b677f478cb1d19c060c6caac318da45f6cbcc7ee4Debian Linux Security Advisory 5116-1 - The following vulnerabilities have been discovered in the WPE WebKit web engine.
014963d45ab96a70b89e6f38b86cce9819acdf7b57f758b90df1261608bc6fb8Debian Linux Security Advisory 5117-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in privilege escalation, denial of service or information leaks.
819f8a49cd9f2ae6dc9a4768afc2e71a91e4114e4c5860d415894bcc9b37f10bDebian Linux Security Advisory 5118-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
314c30a5de7cf083ebbee813fe6ee604c9665873a6709ae7eced4cb4a8b45b1eDebian Linux Security Advisory 5119-1 - Several vulnerabilities were discovered in Subversion, a version control system.
1a34f38df0fea59b6eaf4cacde087ffeb38a537decf50636458f2c91b2a756baDebian Linux Security Advisory 5120-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
74c681ba09a0286ca1379ff783f8eb63418a29804da3426133e6212e28dccf67Debian Linux Security Advisory 5121-1 - A security issue was discovered in Chromium, which could result in the execution of arbitrary code.
96f1062896536386781fb9baeba3327f1a750b3e2f2f2da4eba8629d556d31e3Debian Linux Security Advisory 5122-1 - cleemy desu wayo reported that incorrect handling of filenames by zgrep in gzip, the GNU compression utilities, can result in overwrite of arbitrary files or execution of arbitrary code if a file with a specially crafted filename is processed.
5421218ce3e73476ed96ebc8b462941336566a2af7da9bf69a75f8e791c6efd2Debian Linux Security Advisory 5123-1 - cleemy desu wayo reported that incorrect handling of filenames by xzgrep in xz-utils, the XZ-format compression utilities, can result in overwrite of arbitrary files or execution of arbitrary code if a file with a specially crafted filename is processed.
1ab04d49d95e2b0dcc6b863b50b8a84240cc5fbcc66ab587e75600dd44cf18bbDebian Linux Security Advisory 5124-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.
ac31a7ec5c3b6a081e32a479bd7abbfd626e4d0b6e623b6793ab268b54ed7e99Debian Linux Security Advisory 5125-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
90ddacda07c3eada30f1afa712a601abbfa154695d614dbebe409e6a090b946bUbuntu Security Notice 5359-1 - Danilo Ramos discovered that rsync incorrectly handled memory when performing certain zlib deflating operations. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code.
d86fd6c18100320089eb6c892b3934a7fd83a90dab64630caba832caecfe673fUbuntu Security Notice 5356-1 - Alexandre Bartel discovered that DOSBox incorrectly handled long lines in certain files. An attacker could possibly use this issue to execute arbitrary code. Alexandre Bartel discovered that DOSBox incorrectly performed access control over certain directories. An attacker could possibly use this issue to execute arbitrary code.
e3839ee571468680b81112957309e74a8af6ee0fa66b2e646caf9672ba1cf90fUbuntu Security Notice 5358-1 - It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
6014beb1c2288fa564666e3a8cc2728d4f9100f4d4f9d8585a4f7e619cce7702Ubuntu Security Notice 5357-1 - It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
d5cfae3dd3a1ace57560baad4ec8506d71d870b74dea62b48667b6febe4c77dbUbuntu Security Notice 5355-2 - USN-5355-1 fixed a vulnerability in zlib. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Danilo Ramos discovered that zlib incorrectly handled memory when performing certain deflating operations. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code.
bd7bd9de57a4bed18909c272ff1654178c42449228d7c6020d29b7ecf83a4081Ubuntu Security Notice 5355-1 - Danilo Ramos discovered that zlib incorrectly handled memory when performing certain deflating operations. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code.
23634ab2e48f0bdf4e10ce11f4dbd2b9a409a2e06ec401c9576d2434ceac9f05
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed