InfoZip UnZip versions 6.00 and below and 6.1c22 and below suffer from multiple buffer overflow vulnerabilities.
dac731d2690cb1af2ab661aed3d50c9247b02e31917bc2d087907958bbe12e5eUbiquiti Networks EP-R6, ER-X, and ER-X-SFP with firmware version 1.9.1 suffer from a cross site scripting vulnerability.
ee8734a3380cb25e9501ce4ed4a9ee0bd8e9edf795998ee4d8a0ad875a88622bKerio Control Unified Threat Management versions prior to 9.1.3 suffer from unsafe usage of the PHP unserialize function, code execution, memory corruption, cross site scripting, and various other vulnerabilities.
c22171b8824d2b252b1a4ea012d4bc8d7cc2305a401acabe53ffb1f9885c3e3dCryptWare CryptoPro Secure Disk for Bitlocker version 5.1.0.6474 suffers from flaws that allows a malicious party to attack the boot process and backdoor the system to steal login credentials, the private 802.1x certificate, and the associated password.
f6c2bdd62d1577463dc9c79bb653feed9235e44736641fa6d88a9f5d0e6c8af7This paper describes the results of the research conducted by SEC Consult Vulnerability Lab on the security of McAfee Application Control. This product is an example of an application whitelisting solution which can be used to further harden critical systems such as server systems in SCADA environments or client systems with high security requirements like administrative workstations. Application whitelisting is a concept which works by whitelisting all installed software on a system and after that prevent the execution of not whitelisted software. This should prevent the execution of malware and therefore protect against advanced persistent threat (APT) attacks. McAfee Application Control is an example of such a software. It can be installed on any system, however, the main field of application is the protection of highly critical infrastructures. While the core feature of the product is application whitelisting, it also supports additional security features including write and read protection as well as different memory corruption protections.
447953aeb8d3c594011048fcd1518b83478ae1bf8164d0159859893f8caa6b18McAfee Application Control version 6.1.3.353 suffers from multiple vulnerabilities including insufficient whitelist protection and bypass issues.
56a0d4447cb0bd7f7b3072dc871f8d24fc7433bff2511b0d379a1e91aadfd4dcBy combining all vulnerabilities documented in this advisory an unprivileged authenticated remote attacker can gain full system access (root) on the RPRM appliance. This has an impact on all conferences taking place via this RP Resource Manager. Attackers can steal all conference passcodes and join or record any conference. Versions prior to 8.4 are affected.
1d5b03ba6b9a7b0e1ff5623237c28661b4f890d43709aa901df21c57464f2cf6SAS for Windows versions 9.2, 9.3, and 9.4 suffer from a local buffer overflow vulnerability.
24769861835016b127bed896f8ade5c050efa0a1c159a8540888d617d43db899
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed