The research in this paper leads to the discovery of a series of high-impact security weaknesses, which enable a sandboxed malicious app, approved by the Apple Store, to gain unauthorized access to other apps' sensitive data. More specifically, the researchers found that the inter-app interaction services, including the keychain and WebSocket on OS X and URL Scheme on OS X and iOS, can all be exploited by the malware to steal such confidential information as the passwords for iCloud, email and bank, and the secret token of Evernote.
ece3215f1041638c7e80717f3528c48fffb5d9d0f9b925cd46938a293c3d9f4f
RSA Validation Manager versions 3.2 prior to build 201 suffer from race condition, cross site scripting, denial of service, and various other vulnerabilities.
703e04b821a0df9e65975d31c6a38a8fc2688b91256b2bfeecf3b49ca2c66426
The overlayfs filesystem does not correctly check file permissions when creating new files in the upper filesystem directory. This can be exploited by an unprivileged process in kernels with CONFIG_USER_NS=y and where overlayfs has the FS_USERNS_MOUNT flag, which allows the mounting of overlayfs inside unprivileged mount namespaces. This is the default configuration of Ubuntu 12.04, 14.04, 14.10, and 15.04. Included is a full exploit demonstration root code execution.
f86829bc8ea48c36f6d3cd054fa6293bb6beab50057404ccaddcd6c16e8bed3c
Ubuntu Security Notice 2649-1 - It was discovered that the uupdate tool incorrectly handled symlinks. If a user or automated system were tricked into processing specially crafted files, a remote attacker could possibly replace arbitrary files, leading to a privilege escalation.
7d5451bdd010c364078a583ebeb8b2ea946413d031c6886bd1a9f1f94760b3fa
Ubuntu Security Notice 2650-1 - Kostya Kortchinsky discovered multiple flaws in wpa_supplicant and hostapd. A remote attacker could use these issues to cause wpa_supplicant or hostapd to crash, resulting in a denial of service.
c3ee6d4a5670629f11fe50ed57e6cdd0dc404dd3bb4af89ba16a428653faabeb
CellPipe 7130 router version 1.0.0.20h.HOL suffers from a cross site scripting vulnerability.
3dbbd6127d694b4edcf1b718fd1acdcbca841f4fde9082ba044f21f713cb578d
Red Hat Security Advisory 2015-1120-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access operation, potentially resulting in memory corruption due to an I/O vector array overrun. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.
3ec1967895e1681c1fef937c63310959e9099d0c14bde83f555875f3684d3b70
Ubuntu Security Notice 2648-1 - Tavis Ormandy discovered that Aptdeamon incorrectly handled the simulate dbus method. A local attacker could use this issue to possibly expose sensitive information, or perform other file access as the root user.
e05a32cadd10925759bdbae89726726df91c6208026ce4e19f73e37857c62c94
CellPipe 7130 router version 1.0.0.20h.HOL suffers from a cross site request forgery vulnerability.
b4208c80088ecfa773353853c2cf70171df70a35ad267695d22e5afeee28d344
EMC UIM/P version 4.1 contains an authentication bypass vulnerability that could potentially be exploited by malicious users to compromise the affected system.
78dbdf84e5e6fea60c5c569a4239e7b4a69a9358a122b03e7e12294bc7f068de
BlackCat CMS version 1.1.1 suffers from an arbitrary file download vulnerability.
f8fe91c327a9426411a6ab0146f398710c166865e0b8856056ca898353a6d541
RealTimes (Realplayer) versions 18.0.1.6 and below suffer from a desktop service trusted path privilege escalation vulnerability.
a464f6ef7f8e5ab701f2dd718de925bb0e3201cd2c1a94efc90b3b217d06f0bc
XtMediaPlayer version 0.93 memory corruption proof of concept exploit.
6f20422bb0ff521e463929e32ec936ee0b979b95a289460be8c2a8c3b0461fd5
58 bytes small Linux/x86 /etc/passwd reading shellcode.
6563636ad1d60a1ea50d144df18758818cb2033648591b1d94ca955faf18635f
FinePlayer version 2.20 memory corruption proof of concept exploit.
cfd118d530c7f9ec518ef261b7367e07b28950a2f5988cee0e98550918186628
Ubuntu Security Notice 2640-1 - Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system.
122682e2079f57b9d20ea0a53cbcf1fa27541a19754e2ff8123b4183c67919ef
Red Hat Security Advisory 2015-1115-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could cause a DTLS server or client using OpenSSL to crash or, potentially, execute arbitrary code. A flaw was found in the way the OpenSSL packages shipped with Red Hat Enterprise Linux 6 and 7 performed locking in the ssleay_rand_bytes() function. This issue could possibly cause a multi-threaded application using OpenSSL to perform an out-of-bounds read and crash.
1b03a59ced9eb1deb3dcf1406ad52dd97e4fd2cb4f2722a75565166a58d99154
Debian Linux Security Advisory 3289-1 - Alexander Cherepanov discovered that p7zip is susceptible to a directory traversal vulnerability. While extracting an archive, it will extract symlinks and then follow them if they are referenced in further entries. This can be exploited by a rogue archive to write files outside the current directory.
4be0daf5b3f39172c01e0cf01217ee23e5f5eceee2070d75eb05fb357f095125
Ubuntu Security Notice 2646-1 - Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system.
60e696bc948e127ea85fd077ad0c209bf2f09534c2c0a8621a196e2cd97921b8
Ubuntu Security Notice 2645-1 - Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system.
de2b82ff912d766408dc20664b6f617bc06909cc0ddd19f4b148902d938c7d78
Ubuntu Security Notice 2647-1 - Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system.
81f655f162aa73118e6b4213c239628a4fc5ae162d9fda3cc8ebc5d36142523c
Ubuntu Security Notice 2643-1 - Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system.
46bd8c4289069bc8f1619e0e070000f2b1911c349d885324ec84b1829ab40f43
Ubuntu Security Notice 2644-1 - Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system.
941755602ec4f1f924dce22ad303c8570a47cadbfe65e3460042222d0f46dbc0
Ubuntu Security Notice 2641-1 - Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system.
7b9cbf736d04f0b23cbaf259f21e2c322036327619471c50a6d7479caa3b6a5e
Ubuntu Security Notice 2642-1 - Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system.
6bfcc19b73797a1c86fc721f991369d043fb6e00cf5a2dd6631cf1ad67a4248b