Red Hat Security Advisory 2018-3833-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.4.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.
fbd38bb2a680f9d27e5a1e276b257275Red Hat Security Advisory 2018-3831-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.4.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.
ebeb7bb38ac5254f369742495d0aa131Red Hat Security Advisory 2018-3829-01 - Red Hat Gluster Storage Web Administration includes a fully automated setup based on Ansible and provides deep metrics and insights into active Gluster storage pools by using the Grafana platform. Red Hat Gluster Storage Web Administration provides a dashboard view which allows an administrator to get a view of overall gluster health in terms of hosts, volumes, bricks, and other components of GlusterFS. Issues addressed include a bypass vulnerability.
531e629291f8c6603e7d274323f594a2Gentoo Linux Security Advisory 201812-8 - A vulnerability in Scala could result in privilege escalation. Versions less than 2.12.4 are affected.
601bad8338ac1e63ab11c2d2b4c284c8Gentoo Linux Security Advisory 201812-7 - Multiple vulnerabilities have been found in SpamAssassin, the worst of which may lead to remote code execution. Versions prior to 3.4.2-r2 are affected.
2bdae83b43f64a7a41f342bfc8c7b2d2Gentoo Linux Security Advisory 201812-6 - Multiple vulnerabilities have been found in CouchDB, the worst of which could lead to the remote execution of code. Versions less than or equal to 2.1.2 are affected.
29d0c82fbae90827323dc3f5882c9453WebKitGTK+ and WPE WebKit suffer from multiple memory corruption vulnerabilities that can lead to code execution.
86a36b1af77b318cca7a3d8fd9bf22e7Micro Focus Security Bulletin MFSBGN03835 1 - The SSC REST API contains Insecure Direct Object Reference (IDOR) vulnerabilities that allow authenticated users access to arbitrary details of the Local and LDAP users via POST method and to arbitrary details of other user's Fortify projects via GET method. Revision 1 of this advisory.
a82397b74c12246840801aa85de6924cMicro Focus Security Bulletin MFSBGN03837 1 - A vulnerabilities in Apache Tomcat was addressed by Micro Focus Network Node Manager i. The vulnerability could be exploited Remote Cross-Site Scripting (XSS) and Remote Disclosure of Information. Revision 1 of this advisory.
b78255fa627420eca82d0a77ad0d256dRed Hat Security Advisory 2018-3816-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include memory disclosure and client-side security problems.
8e006513de19d1c89ea0cf3c9d7db529Debian Linux Security Advisory 4354-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or bypass of the same-origin policy.
069b08206411c967d5eeab694c9e2c5aRed Hat Security Advisory 2018-3822-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an use-after-free vulnerability.
c301b49a9797cdedb4d138d919f36628Red Hat Security Advisory 2018-3823-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an use-after-free vulnerability.
ba98eb254b3c0ff4e90c59c44d9cee5cSlackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.
ad3d099c95d34fa0ec7e375b77d57f7cUbuntu Security Notice 3845-1 - Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applies to Ubuntu 18.04 LTS and Ubuntu 18.10. Eyal Itkin discovered FreeRDP incorrectly handled bitmaps. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
7c30480f14d84266396689b1137c7a58CUPS generates session cookies srandom(time(NULL)) and random() on Linux.
583f7c6a7321642c12877e79a0682883The Logitech "Options" craft websocket server has no authentication.
351cebf77410e506f6772f6e57f6204eUbuntu Security Notice 3844-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass same-origin restrictions, or execute arbitrary code. Multiple security issues were discovered in WebExtensions. If a user were tricked in to installing a specially crafted extension, an attacker could potentially exploit these to open privileged pages, or bypass other security restrictions. Various other issues were also addressed.
cd05546757b473bab2c95bffccfca6ccThis Microsoft bulletin summary lists CVEs that have undergone a major revision increment.
daba53b32d460668b295e117cea74508This Microsoft summary lists Microsoft security updates released for December 11, 2018.
7ec3fe38354da1d6b93072fc64bb4dbbThis Microsoft advisory notification includes advisories released or updated on December 11, 2018.
a0026433f5c0b229424091c03e858aa1Ubuntu Security Notice 3843-2 - USN-3843-1 fixed a vulnerability in pixman. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that pixman incorrectly handled the general_composite_rect function. A remote attacker could use this issue to cause pixman to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
6750b72273b628db8f06739166f59793Ubuntu Security Notice 3843-1 - It was discovered that pixman incorrectly handled the general_composite_rect function. A remote attacker could use this issue to cause pixman to crash, resulting in a denial of service, or possibly execute arbitrary code.
070f65503dc6e6c2f7d2711ac101acd4Ubuntu Security Notice 3837-2 - USN-3837-1 fixed vulnerabilities in poppler. A regression was reported regarding the previous update. This update fixes the problem. It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.
377baed8b82a680a84a9c85cdc9060d2Debian Linux Security Advisory 4353-1 - Multiple security issues were found in PHP, a widely-used open source denial of service/information disclosure when parsing malformed images, the Apache module allowed cross-site-scripting via the body of a insufficient input validation which can result in the execution of arbitrary shell commands in the imap_open() function and denial of service in the imap_mail() function.
d9b1a99e04d2c1e6335bb4aef129d5a1
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed