OpenText Documentum Administrator version 7.2.0180.0055 and Documentum Webtop version 6.8.0160.0073 suffer from an open redirection vulnerability.
0398ff275466563cb7b556e656861a4cce90efc78f0844fe8ed3b226382eab70Red Hat Security Advisory 2017-2795-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
934a940dab30a592a02e07455e3094183299356243b334ef95ac79e84914895aRed Hat Security Advisory 2017-2802-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
bfd0689a6c80bfdd023af7ba1544e909bd3742cffc39037e70d4907f9e378ac9Red Hat Security Advisory 2017-2809-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.
2cd12b03d2f33b5eca8602b894a216c2a22849b1ada1361fa1119aa29110e876Red Hat Security Advisory 2017-2811-01 - The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.8.
4625335874434e605c89b642c9228227df29e49da115ed2ae5344ae66dd9f48cRed Hat Security Advisory 2017-2808-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.
f6590a11f2604542166e3cc7b6db6117e23303732c6aef136befc45deb5384ebRed Hat Security Advisory 2017-2801-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
ba1c030ec21e814f6a1cd612c57efcdf9cf2e048e865ea5156413a3da7884c5fRed Hat Security Advisory 2017-2796-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
866324fca23747f69de4e8ef9551dad894b102df8aa49be3b5d059c922eb20ddRed Hat Security Advisory 2017-2793-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
c9fff4891a8921a1d680380df8587c02a6e20f76f5ee7eea18c9a1ddbd6e67beRed Hat Security Advisory 2017-2794-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
68ea50ab00f02a7b3ff4323f4ecd7472a907b5657bfbe53369a53538c4b95c33Red Hat Security Advisory 2017-2797-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
f02373e421ca9abcaa1761c1507fde90dcd1950ddf0498eae02ed610189b206fRed Hat Security Advisory 2017-2798-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
40f9f08efc1c1976c5e55dfb0092643a2f5f1f194edeff4cc6addf135da1cbddGentoo Linux Security Advisory 201709-27 - Multiple vulnerabilities have been found in LibTIFF, the worst of which could result in the execution of arbitrary code. Versions less than 4.0.8 are affected.
063099c971a240f228a2cccdc7a688d44d95300bcfd47b1fddd1ac9b8d180bddSitefinity CMS version 9.2 suffers from a cross site scripting vulnerability.
5a521e2a5d7b62d6d670eb99caa0f8e02a086662a27527256e6eae4a7fcc822b30 bytes small Linux/x86_64 mkdir() shellcode.
3154b02a88675f37e8780c81b32546679ba6686baf27481ec41777b0a348c642WordPress Apartment Management System extension suffers from a remote SQL injection vulnerability.
002a3736f35165f27d436158d977314b06faa829c566c2756ff55f4fee8ccbd6Fibaro Home Center 2 suffers from a remote command execution vulnerability.
11548002a8f3c0fd1ddc06f983086682510f784d6894bcba3fc8b83307255164WordPress Hospital Management System extension suffers from a remote SQL injection vulnerability.
40ead3ade91d7b615cce1d3227bd3c3f2d4c2bc405783359380f4cd69e3108d8WordPress School Management System extension suffers from a remote SQL injection vulnerability.
e817b43e8ca7655a2629e011082235e6601d28c409eba2796ca264fb95cca9c8WordPress Gym Management System extension suffers from a remote SQL injection vulnerability.
052d648adb46fd7ba11ffd9d1a782e432d4de85708492539e0ec408c2bf20df1This Microsoft bulletin summary lists a CVE that has undergone a major revision increment.
e281f889a7a07b745c1b41488515c3f3c2cd6505cb30f5abdb08ebf86166cbf7Red Hat Security Advisory 2017-2810-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.
188d12c115cdf70acf53a8c6c015857d0f7f729f6e285cf3d06172bf9b1241d9Red Hat Security Advisory 2017-2800-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
d8a9d0afd413fd3cff47b4b91f265b4ff434e1f1031486cfd195ab8aa5e4cf4dGentoo Linux Security Advisory 201709-26 - A vulnerability in libsoup might allow remote attackers to execute arbitrary code. Versions less than 2.56.1 are affected.
90b31b9d9cea9f8cbe8007c69e4741b088a4bd68896e32121610f754014b02caPhrack: Attacking JavaScript Engines: A case study of JavaScriptCore and CVE-2016-4622.
a2a651765bcc685814d2b564c3c669f0395802f26c4a1113472d38c2118c52fd
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed