Debian Linux Security Advisory 3914-1 - memory handling problems and cases of missing or incomplete input sanitizing may result in denial of service, memory disclosure or the execution of arbitrary code if malformed RLE, SVG, PSD, PDB, DPX, MAT, TGA, VST, CIN, DIB, MPC, EPT, JNG, DJVU, JPEG, ICO, PALM or MNG files are processed.
0f034f310d2383ee144c6075970bf32287ef618568e6f3447ec99ae371fb0055Ubuntu Security Notice 3309-2 - Jakub Jirasek discovered that GnuTLS incorrectly handled certain assignments files. If a user were tricked into processing a specially crafted assignments file, a remote attacker could possibly execute arbitrary code.
d2c0c5302f6559086320ecc7ba3af4421baf11d0f0d29206837bd55883c8d012Barracuda Load Balancer Firmware versions 6.0.1.006 (2016-08-19) and below post-authentication remote root exploit.
761cc64c788d41c81b773e2661fb538a8d4516f8a3c77082756bc9a65c69ee93UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.
518d692e08a8aaf7263a46e0a6bddc36c9affafb51d721a8c41cba13585c9e26Various GPC Sanitization bypasses exist in Cisco WebEx that can permit from arbitrary remote command execution.
2742e774481d9cd4f1486925a8d6d0f5cd50b3e1c50f16db34aa9fee06887044Ubuntu Security Notice 3354-1 - Felix Wilhelm discovered a path traversal vulnerability in Apport when handling the ExecutablePath field in crash files. An attacker could trick a user into opening a specially crafted crash file and execute arbitrary code with the user's privileges.
d23b12ba59af204c5cc0a7994cb118dba5276e4918828e26d2221716a8af6b73Ubuntu Security Notice 3274-2 - USN-3274-1 fixed a vulnerability in icu. This update provides the corresponding update for Ubuntu 12.04 ESM. A It was discovered that ICU incorrectly handled certain memory A operations when processing data. If an application using ICU processed A crafted data, a remote attacker could possibly cause it to crash or A potentially execute arbitrary code with the privileges of the user A invoking the program. Various other issues were also addressed.
65f5689b27b022b9425e92be5d0bd4dabc33446115be4104267678813d89a296Microsoft Internet Explorer suffers from a memory corruption vulnerability in CMarkup::DestroySplayTree. The bug was confirmed on IE version 11.0.9600.18617 (Update version 11.0.40) running on Windows 7 64-bit.
c58903dd193f7839cd836f12f61a126151db2248cb30e60241e98c8ec782dd43Red Hat Security Advisory 2017-1766-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.
088afa5793e91c519ee5f828bba7a17dd003285a0359e717afe5c0c14d329a65The Microsoft Windows kernel suffers from a nsiproxy/netio pool memory disclosure vulnerability in the handling of IOCTL 0x120007 (NsiGetParameter).
8229d08febcaa9bd8c80abedcecc4b916525c1c1c631b418d8e2c05fc4e24759Sophos Web Appliance version 4.3.0.2 reporting JSON trafficType remote command injection exploit.
b7c8712bb8d62608c24d118744810037b7c47dba41c89048cac2b15b57b84234
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed