LAME version 3.99.5 suffers from multiple denial of service vulnerabilities.
9cff4937e1bcc568febbb0445950ff770b81eb58522f9e37556f8ab99bcd8ecfUbuntu Security Notice 3366-1 - It was discovered that the JPEGImageReader class in OpenJDK would incorrectly read unused image data. An attacker could use this to specially construct a jpeg image file that when opened by a Java application would cause a denial of service. It was discovered that the JAR verifier in OpenJDK did not properly handle archives containing files missing digests. An attacker could use this to modify the signed contents of a JAR file. Various other issues were also addressed.
b14c83af19137eb71b4ecf4d60969230fa06f1294af8524a5b5982b5a637a156HPE Security Bulletin HPESBHF03765 1 - Potential security vulnerabilities in OpenSSL have been addressed in HPE Network Products including Comware v7 that is applicable for ConvergedSystem 700 solutions. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or disclosure of sensitive information. Revision 1 of this advisory.
022069972577db48d8cb81bb5e40218f836f168ecf9948fbce4699190ff05d6dlibjpeg-turbo version 1.5.1 suffers from a denial of service vulnerability.
a2a71ad6aedf5b71cfb68e0601892b527ec90972ad5aa5f5187411ee524dcfcbUbuntu Security Notice 3368-1 - It was discovered that libiberty incorrectly handled certain string operations. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause libiberty to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. It was discovered that libiberty incorrectly handled parsing certain binaries. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause libiberty to crash, resulting in a denial of service. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.
50d0035ae5405187e36f6b8023b1bda1409d21528024b3a2b48a5d0e95f6b50cUbuntu Security Notice 3367-1 - Hanno Bock discovered that gdb incorrectly handled certain malformed AOUT headers in PE executables. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause gdb to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS. It was discovered that gdb incorrectly handled printing bad bytes in Intel Hex objects. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause gdb to crash, resulting in a denial of service. This issue only applied to Ubuntu 14.04 LTS. Various other issues were also addressed.
f3e471479b529fe664751ec43fd5c8ddedf9d518467f07744a2cb8afeec18465WordPress Stop User Enumeration plugin version 1.3.8 suffers from a user enumeration vulnerability.
b7513f284de1b5522ef7c496fd4c6816b69284ea65ff20882b3bb5824e1e4e39WordPress YouTube Embed Plus plugin version 11.8.1 suffers from a cross site request forgery vulnerability.
6978786658c9e7e79af098ad01d5a2b6a44041145b418751a98e98150db7f01empg123 version 1.24.0 suffers from a denial of service vulnerability.
813f4618284100f0c6096d573e09ddf74d26a0fa729d672a48549fd199472a69Razer Synapse versions 2.20.15.1104 and below suffer from multiple dll search order hijacking vulnerabilities.
bf738331c729177e569ee26634555b687a094bf72cb90f5fc39cb6d342ddb6a0Bittorrent versions 7.10.0.43581 and below suffer from an installer dll search order hijacking vulnerability.
a3dd61ff0f2d5686afb200401a1d48f47d5d874b774922c27dab73e865fe322aDebian Linux Security Advisory 3919-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in sandbox bypass, use of insecure cryptography, side channel attacks, information disclosure, the execution of arbitrary code, denial of service or bypassing Jar verification.
642393b60460ab427f00a7f9230f96cea6919164c70db360fd2e9dbd9544bde0Debian Linux Security Advisory 3920-1 - Multiple vulnerabilities were found in in qemu, a fast processor emulator.
ccac3717437c591c35209d39adb82a92b3854a6305571997969ade3dae00ceebSoundTouch version 1.9.2 suffers from multiple denial of service vulnerabilities.
a39bfe6023a9311f973a40c4058b50ef1eb49c77ad241658f36142672748ac0eDAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
7c2d25faf486ad89885099db7704f0bda9efe7fdb6ca5a4d0835e76c455cfce0MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.
0baf9c14dc47cf40ab358ffb24603f5271af88f0f294cf1ffe259150814e3d31Ubuntu Security Notice 3364-3 - It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information. It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A local attacker could use this to expose sensitive information. Alexander Potapenko discovered a race condition in the Advanced Linux Sound Architecture subsystem in the Linux kernel. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
52da26b53d8c3033579bdd0681b859c86afd51f1537e50195093a868a02ecc95
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed