Android suffers from ashmem read-only bypass vulnerabilities via remap_file_pages() and ASHMEM_UNPIN.
1ce1f492c6697220a1377f632e2b8f79There is a memory corruption vulnerability in audio processing during a voice call in WeChat. When an RTP packet is processed, there is a call to UnpacketRTP. This function decrements the length of the packet by 12 without checking that the packet has at least 12 bytes in it. This leads to a negative packet length. Then, CAudioJBM::InputAudioFrameToJBM will check that the packet size is smaller than the size of a buffer before calling memcpy, but this check (n < 300) does not consider that the packet length could be negative due to the previous error. This leads to an out-of-bounds copy.
d5e852c27b43a4bc7e13605282d84e25Debian Linux Security Advisory 4601-1 - It was discovered that a hook script of ldm, the display manager for the Linux Terminal Server Project incorrectly parsed responses from an SSH server which could result in local root privilege escalation.
693cc7f45920414191581d78799f2d01ASTPP version 4.0.1 VoIP billing suffers from a database backup disclosure vulnerability.
8624082f784690fbd7d31d7ec3b9d239The parsing engine for various Bitdefender products supports the RAR archive format. The parsing engine can be bypassed by specifically manipulating an RAR Archive (HOST_OS) so that it can be accessed by an end-user but not the anti-virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating.
81a8ef5675cb81458a3c0622ae1d3bb8PixelStor 5000 version K:4.0.1580-20150629 suffers from a remote code execution vulnerability.
a25a7c1c7a2a32aecbb09985ec496a36Pandora version 7.0NG suffers from a remote code execution vulnerability.
4add4410c9b8848969b49b4f3912a4c2Ubuntu Security Notice 4234-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass Content Security Policy restrictions, conduct cross-site scripting attacks, or execute arbitrary code.
1a51e76c4ef522241e5832bf35b5dcacTotalAV 2020 version 4.14.31 suffers from a privilege escalation vulnerability.
fa745ef8d8c4c3ce7882248588396e62The parsing engine in various Kaspersky products supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive (Compression Size Flag) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.
8c75c890b3117a95e00edfc1d15eba80Backup Key Recovery version 2.2.5 suffers from a denial of service vulnerability.
dd7242a8376ece8d62759212b744fdb0Microsoft Windows 10 UAC bypass local privilege escalation exploit.
16db619cfe3e07e3c53b9e243f5882b4This patch mitigates allowing launcher the ability to execute arbitrary programs.
d0e094be8a12f022f64cbd5e9ac858ac
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed