Red Hat Security Advisory 2017-1567-01 - Red Hat Container Development Kit is a platform for developing containerized applicationsaaait is a set of tools that enables developers to quickly and easily set up an environment for developing and testing containerized applications on the Red Hat Enterprise Linux platform. With this update, Container Development Kit has been updated to 3.0.0-2, which includes an updated Red Hat Enterprise Linux ISO that contains fixes for the following security issues. Multiple security issues have been addressed.
a44f757946233e3a364bd96604e6658ea5f5335e5e0f8ec459d87aed6e053f59
Red Hat Security Advisory 2017-1561-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.2.0. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
502ad26d007c53fa4eb41c7d2c2e6e3149dbaeb0df72f833d10b786f83e62751
Sitecore versions 7.1 and 7.2 suffer from a cross site scripting vulnerability.
7cb804096789262362d1b2e7085815278e8c60bda09cf8641faa39c272e28205
This Microsoft bulletin summary lists many CVEs that have undergone a major revision increment.
319f129f72880daf729fa0c2761541421d1e20100a405cb2c6d871449553c09c
EMC Isilon OneFS is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system. Versions affected include 7.1.x, 7.2.0 through 7.2.1.4, 8.0.0 through 8.0.0.3, and 8.0.1.0.
3bfca004cf67807c5ac9d6b5dff8c4a178b1f8699f760613c830de6d1631f379
EMC Avamar suffers from authentication bypass and remote file upload vulnerabilities.
7e89b48fe4f81cba31f75621518071ad79aa069b0533deee9712baf2abee8429
WordPress Download Manager plugin versions 2.9.46 and 2.9.51 suffer from a cross site scripting vulnerability.
9de753843f33ce3f2dc9d5d13e262f6df0bb99ce7db35001b0177d5ed23072d8
WordPress Photo Gallery plugin versions 1.3.34 and 1.3.42 suffer from a path traversal vulnerability.
2e48b2bcd6a9011319d2820c216c197e008cdd23983c64c58a88c29df02fc36b
It appears that the VMSF_DELTA memory corruption that was reported to Sophos AV in 2012 (and fixed there) was actually inherited from upstream unrar. For unknown reasons, whoever fixed the bug did not report this to upstream unrar, and the bug seems to have persisted there to this day.
3b8acd8becd11c0b8cca739d5aa19f140cbee2a41f1ddb62a46f97e63d344ea2
Bitdefender AV crashes when fed malicious RAR files from 2013.
4caf1f040e3e33d6970a65f2cf9a0e578182d36dbed0cc6388947a286ae01457
The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in nt!NtQueryInformationWorkerFactory (WorkerFactoryBasicInformation).
8640de8913ad18d001d4ce85d7df076bb0c01b500bd2537ba2946961cbb49999
The Microsoft Windows kernel suffers from an ATMFD.DLL out-of-bounds read vulnerability via a malformed Name INDEX in the CFF table.
a21fad8c3cb205d4714174fdb1b13075f47dfb5639a4cd14a715e1e83f945c18
The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in nt!NtQueryInformationResourceManager (information class 0).
6f83a7e9f97c7308a2e6094f5d2727a7e3be211ff7552afafb0056dfae675dc4
Microsoft Windows suffers from a Uniscribe font processing out-of-bounds memory read vulnerability in USP10!otlReverseChainingLookup::apply.
be7fa96c387b2997b7b82606d8a4c2cada52908fcb4a818666cf5df429c14b22
Microsoft Windows suffers from a Uniscribe font processing out-of-bounds memory read vulnerability in USP10!otlValueRecord::adjustPos.
f9896fa3eb41012f8820a74bd403a8acde8a7832ac07ec863810cca161c5eecb
Microsoft Windows suffers from a Uniscribe font processing out-of-bounds memory read vulnerability in USP10!otlSinglePosLookup::getCoverageTable.
77094d2610c9aa8236ab477f043f6c4a1eb4a28b6fe581cf95b86f0738b3269d
Microsoft Windows suffers from a Uniscribe font processing out-of-bounds memory read vulnerability in USP10!NextCharInLiga.
b305f68a67213890e4773eee3eb6c9f21ac9c97da9b5ecf5ca99a0309abc8272
Microsoft Windows suffers from a Uniscribe font processing out-of-bounds memory read vulnerability in USP10!CreateIndexTable.
2ea28f694f6036fc0bfdecb1286f1d6097f8970d0a0c9f6846a3fb287c9281da
Microsoft Windows suffers from a Uniscribe font processing out-of-bounds memory read vulnerability in USP10!SubstituteNtoM.
5d4367e924b041d433fd9c255f4b18605cc555ec79a4482938bdf3a51448b386
Microsoft Windows suffers from a Uniscribe font processing out-of-bounds memory read vulnerability in USP10!ttoGetTableData.
0b7c8a73853e9fabd35c734bb7d56ed9f7be40f253783b2de6e51814e11f8cee
Microsoft Windows suffers from a Uniscribe font processing heap-based memory corruption vulnerability in USP10!MergeLigRecords.
d61080fc5ce5dbe5dcb647fa08c357cd7822b58dea2f8b1f6bd84d6d1f0d4264
The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in nt!NtQueryInformationTransaction (information class 1).
3ccdcc8ffd9aa79f635d6ea98499715efaeb0b1b6df427535e0582ab63ee81de
The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in nt!NtQueryInformationJobObject (information class 28).
c52588598c7d0dabdbdbbb6f165afd50131988387f003dc71041e16431c5fb62
The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in nt!NtQueryInformationJobObject (information class 12).
4cad26be73eaf3b9c7424c2a6cc0af2b98280347bb034e5f0c7b322da341b441
The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiMakeFontDir.
53ed3230019af3cdca4f540f99c4a3ff0058efdf43049ef42b94f972758bba5b