Red Hat Security Advisory 2017-3392-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. It was discovered that the Kerberos client implementation in the Libraries component of OpenJDK used the sname field from the plain text part rather than encrypted part of the KDC reply message. A man-in-the-middle attacker could possibly use this flaw to impersonate Kerberos services to Java applications acting as Kerberos clients.
ca32abbf1eb81bce01cfed2e18d19f591d66881e2fc8d09c626f0ebdc112de1eUbuntu Security Notice 3505-1 - Mathy Vanhoef discovered that the firmware for several Intel WLAN devices incorrectly handled WPA2 in relation to Wake on WLAN. A remote attacker could use this issue with key reinstallation attacks to obtain sensitive information.
72a34e78317c166da81b0eff736ba721011438c53db42ebb9851cc788f20fcb6Hashicorp vagrant-vmware-fusion version 5.0.0 suffers from a local privilege escalation vulnerability.
24aa1a353f029401bbaa881dd3478a872aa822825677ec04864bd8e1abe615aeFS Makemytrip Clone suffers from a remote SQL injection vulnerability.
1ab8dd12c150bc42ae86696900e779fc3af6598d47ea1ff25f0a0d389ab73401VX Search Enterprise version 10.2.14 buffer overflow exploit.
67c80b40f2f5738579c35d0fbbf9e82e90d4e8651d8a6c48fb6976727a048ebdFS Facebook Clone suffers from a remote SQL injection vulnerability.
ab6647ce4347f1f619f0a1b0b4e7ce24f026709ca93905cc42f40270f84f8466FS IMDB Clone suffers from a remote SQL injection vulnerability.
1a6748ee9ed73c167c5b03f1f6fd38c60b0fece2c5761b9bf1cf085754277641Proxifier for Mac version 2.19 suffers from a local privilege escalation vulnerability.
9fbf43fc49a132a5d63bab0b1a34230d9aec8188c18601a2fac9f08e1e10f248FS Shaadi Clone suffers from a remote SQL injection vulnerability.
7c3d67785eb7571bddbfa22587a2b3ac647a64890666345ed9c23032371fdd17This Microsoft bulletin summary holds information regarding Microsoft security updates for December, 2017.
2cecaee488ea2d406fdee106beed031d3376b9ef0bd777c8bf8b89e5f5470a44Murus version 1.4.11 suffers from a local privilege escalation vulnerability.
0e54dcdaf89088884b3b4fe8c860ce2c1820fba2438e4d457cf098eaa6db9be6Hashicorp vagrant-vmware-fusion version 5.0.3 suffers from a local privilege escalation vulnerability.
a43a4f4049b059f5e05989d2e4d5835eb43f12c8ebe97a54b0d5b01a3c10b058Hashicorp vagrant-vmware-fusion version 5.0.1 suffers from a local privilege escalation vulnerability.
a13caeb5ec2db813859827321e421beb3cb89c74635957eef18041162682a798Readymade Classifieds Script version 1.0 suffers from a remote SQL injection vulnerability.
530b379f93769462b6ebb7bf637769953f2044d4448be62d3adfe79293544dd9Techno Portfolio Management Panel version 1.0 suffers from a remote SQL injection vulnerability.
685ef5f2a835ecbeddd2666de5b2f1d38b36290cbf06c9bf46a49e89a39c7e3bPerspective ICM Investigation and Case version 5.1.1.16 suffers from a privilege escalation vulnerability.
fe5a2efcbb06c628166488b411e5e50c98f3e34720f7cd6d471a027d8826b4d4Within Polycom command shell, a command execution flaw exists in lan traceroute, one of the dev commands, which allows for an attacker to execute arbitrary payloads with telnet or openssl.
3b279dce0d9c718461f40aa25c45dc95b868af836e0345f39644d63fbbe6acdfThis Metasploit module exploits a flaw in how the Equation Editor handles OLE objects in memory to execute arbitrary code using RTF files without interaction.
16ad4379e6651e3ce0e9433a9c32d2a5e70809affcfd3f999c329227ce6dbc46
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed