Ubuntu Security Notice 3437-1 - Radek Micek discovered that OCaml incorrectly handled sign extensions. A remote attacker could use this issue to cause applications using OCaml to crash, to possibly obtain sensitive information, or to possibly execute arbitrary code.
6c9f7f438e6c968695728eb6cfc3799aERS Data System version 1.8.1 suffers from a java deserialization vulnerability.
46d79529e7effccfc09cc535628d06f4HP Security Bulletin HPESBHF03776 1 - A potential security vulnerability has been identified in HPE Intelligent Management Center (iMC) Service Operation Management (SOM). The vulnerability could be remotely exploited to allow arbitrary file download and disclosure of information. Revision 1 of this advisory.
c9759eee543c55b3824bd0384725673cUbuntu Security Notice 3430-2 - USN-3430-1 fixed several vulnerabilities in Dnsmasq. This update provides the corresponding update for Ubuntu 12.04 ESM. A Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher A discovered that Dnsmasq incorrectly handled DNS requests. A remote A attacker could use this issue to cause Dnsmasq to crash, resulting in A a denial of service, or possibly execute arbitrary code.A A Various other issues were also addressed.
31ae3a8fa54f7d5ca3b4a9dbab5dc681HP Security Bulletin HPESBMU03753 1 - Several potential security vulnerabilities have been identified in HPE System Management Homepage (SMH) on Windows and Linux. The vulnerabilities could be exploited remotely resulting in Cross-site scripting, local and remote Denial of Service, local and remote execution of arbitrary code, local elevation of privilege and local unqualified configuration change. Revision 1 of this advisory.
3610a8a805b73bebd3f6895b697cadace2openplugin OpenWebif versions 0.2.9 through 1.2.4 suffer from a code execution vulnerability.
e3b736333b9d373249b51af3bd173ccfA proof of concept has been released that bypasses the fix for the original finding regarding an incorrect optimization in BytecodeGenerator::emitGetByVal in WebKit JSC.
c93b1f362e5c29a309a5639c5750833cBotan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS
b41043dec32857498898013000db98c7Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the old stable release.
e5ed5dc70edd238c5a2116670b2cb3f3Ubuntu Security Notice 3435-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, obtain sensitive information, bypass phishing and malware protection, spoof the origin in modal dialogs, conduct cross-site scripting attacks, cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.
f04486fc6c43f2ce047c937967095f07Red Hat Security Advisory 2017-2836-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Security Fix: A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. A heap buffer overflow was discovered in dnsmasq in the IPv6 router advertisement handling code. An attacker on the local network segment could send crafted RAs to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. This issue only affected configurations using one of these options: enable-ra, ra-only, slaac, ra-names, ra-advrouter, or ra-stateless.
73fa822c40b520e870fe529f671622dcUbuntu Security Notice 3434-1 - It was discovered that Libidn incorrectly handled decoding certain digits. A remote attacker could use this issue to cause Libidn to crash, resulting in a denial of service, or possibly execute arbitrary code.
54cabde92770ee5e27d50716a8549e5dRed Hat Security Advisory 2017-2839-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Security Fix: A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code.
5a88499b74a2e9a96dc2e46d6598f62bRed Hat Security Advisory 2017-2838-01 - The dnsmasq packages contain Dnsmasq, a lightweight DNS forwarder and DHCP server. Security Fix: A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code.
494d9b8aa01332a3095b19a8cffbf831The Microsoft IIS UrlScan module suffers from a bypass vulnerability.
9508fb9d121697442b8bd2d57e43604e
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed