LAME version 3.99.5 suffers from multiple denial of service vulnerabilities.
96e1d72ae3d61288a5a5871d2c0e2644Ubuntu Security Notice 3366-1 - It was discovered that the JPEGImageReader class in OpenJDK would incorrectly read unused image data. An attacker could use this to specially construct a jpeg image file that when opened by a Java application would cause a denial of service. It was discovered that the JAR verifier in OpenJDK did not properly handle archives containing files missing digests. An attacker could use this to modify the signed contents of a JAR file. Various other issues were also addressed.
658e7009018bea7fcaaa8f27548c347bHPE Security Bulletin HPESBHF03765 1 - Potential security vulnerabilities in OpenSSL have been addressed in HPE Network Products including Comware v7 that is applicable for ConvergedSystem 700 solutions. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or disclosure of sensitive information. Revision 1 of this advisory.
c683a7b3bfd4e5f33311dd9c4610914clibjpeg-turbo version 1.5.1 suffers from a denial of service vulnerability.
ed8b75a3fc106b42b293aa8d60bf68a7Ubuntu Security Notice 3368-1 - It was discovered that libiberty incorrectly handled certain string operations. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause libiberty to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. It was discovered that libiberty incorrectly handled parsing certain binaries. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause libiberty to crash, resulting in a denial of service. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.
a499ba39c7aaf4f7e4c5320fc92b569aUbuntu Security Notice 3367-1 - Hanno Bock discovered that gdb incorrectly handled certain malformed AOUT headers in PE executables. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause gdb to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS. It was discovered that gdb incorrectly handled printing bad bytes in Intel Hex objects. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause gdb to crash, resulting in a denial of service. This issue only applied to Ubuntu 14.04 LTS. Various other issues were also addressed.
47b1d523dac4f2073a7f6fe03eaf06e7WordPress Stop User Enumeration plugin version 1.3.8 suffers from a user enumeration vulnerability.
5b03f398e336eb07feec0fddd9a53a7dWordPress YouTube Embed Plus plugin version 11.8.1 suffers from a cross site request forgery vulnerability.
ea7597e199209fb2c929ee36c93e054empg123 version 1.24.0 suffers from a denial of service vulnerability.
e49d4616b266996250852274bb9b85bdRazer Synapse versions 2.20.15.1104 and below suffer from multiple dll search order hijacking vulnerabilities.
091119bbcde2837ddbc5f36184c2e788Bittorrent versions 7.10.0.43581 and below suffer from an installer dll search order hijacking vulnerability.
0b8e85295c184e98cb13d0b7cfdbc839Debian Linux Security Advisory 3919-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in sandbox bypass, use of insecure cryptography, side channel attacks, information disclosure, the execution of arbitrary code, denial of service or bypassing Jar verification.
6c2713f08ae2abdb5017b6d2f567ae64Debian Linux Security Advisory 3920-1 - Multiple vulnerabilities were found in in qemu, a fast processor emulator.
f120933ef91a131b7138486880a5c7c8SoundTouch version 1.9.2 suffers from multiple denial of service vulnerabilities.
202ff9e52df78c8cfb348cfdd80a6a8dDAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
8453c084bdcd9d0042ec0d2b08b1decaMIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.
0e22b573c08233276dd4687d9fddb649Ubuntu Security Notice 3364-3 - It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information. It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A local attacker could use this to expose sensitive information. Alexander Potapenko discovered a race condition in the Advanced Linux Sound Architecture subsystem in the Linux kernel. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
6d424501523a4eae735e5215177c70f3
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed