Ubuntu Security Notice 4646-2 - USN-4646-1 fixed vulnerabilities in poppler. The fix for CVE-2019-10871 introduced a regression causing certain applications linked against poppler to fail. This update backs out the fix pending further investigation. It was discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service. Various other issues were also addressed.
0b505ce3fcb8bc020d54095819e940faUbuntu Security Notice 4382-2 - It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code.
6a358e6b9c45a8fd4d61e8756172aeecUbuntu Security Notice 4647-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across origins, bypass security restrictions, conduct phishing attacks, conduct cross-site scripting attacks, bypass Content Security Policy restrictions, conduct DNS rebinding attacks, or execute arbitrary code.
662abdc998a96f824b8b60a609daef62libupnp version 1.6.18 stack-based buffer overflow denial of service exploit.
eec0f79236ada16154ef65b5142e8111Ubuntu Security Notice 4648-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
6fe24a2351dd3e1ef847961c9f674d37Ubuntu Security Notice 4646-1 - It was discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service.
7cf4344708476bc2707af653630128cePure-FTPd version 1.0.48 suffers from a denial of service vulnerability.
4faedb0ebc45caaf698a7e127f51e1beUbuntu Security Notice 4644-1 - It was discovered that igraph mishandled certain malformed XML. An attacker could use this vulnerability to cause a denial of service.
a0fa8d720ad6105276d63d5678047877Ubuntu Security Notice 4643-1 - It was discovered that atftp's FTP server did not properly handler certain input. An attacker could use this to to cause a denial of service or possibly execute arbitrary code. It was discovered that atftp's FTP server did not make proper use of mutexes when locking certain data structures. An attacker could use this to cause a denial of service via a NULL pointer dereference.
bcc71db7af3bff7d8c36dc1d56b825feRed Hat Security Advisory 2020-5179-01 - The org.ovirt.engine-root is a core component of oVirt. Issues addressed include a denial of service vulnerability.
32d76f8ffc8bd331459a547cee40769eRed Hat Security Advisory 2020-5218-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a denial of service vulnerability.
d0fd0978d3c50c95ba57085e14303406Red Hat Security Advisory 2020-5118-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a denial of service vulnerability.
127a063a92799e5c362b7ff9adaa82f9Red Hat Security Advisory 2020-5119-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a denial of service vulnerability.
1ae94f3e574c39e3a0e6d51806f1517eUbuntu Security Notice 4642-1 - It was discovered that PDFResurrect incorrectly handled certain memory operations during PDF summary generation. An attacker could use this to cause out-of-bounds writes, resulting in a denial of service or arbitrary code execution.
e238caa5145e021e67c028deec6d2611Ubuntu Security Notice 4641-1 - It was discovered that Libextractor incorrectly handled zero sample rate. An attacker could possibly use this issue to cause a denial of service. It was discovered that Libextractor incorrectly handled certain FLAC metadata. An attacker could possibly use this issue to cause a denial of service. It was discovered that Libextractor incorrectly handled certain specially crafted files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.
c82046881c21e0f0f413cda7a060a88cRed Hat Security Advisory 2020-5206-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, out of bounds write, and use-after-free vulnerabilities.
7276f2526c9cb7d92f3356f04f4817adApache OpenMeetings version 5.0.0 suffers from a denial of service vulnerability.
59eb8c12340cd20675e0710a793e9bcbUbuntu Security Notice 4634-2 - USN-4634-1 fixed several vulnerabilities in OpenLDAP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that OpenLDAP incorrectly handled certain malformed inputs. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. Various other issues were also addressed.
39cf896ad02b5474669afbc680180429Red Hat Security Advisory 2020-5170-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.4 serves as a replacement for Red Hat JBoss Web Server 5.3, and includes bug fixes, enhancements, and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a denial of service vulnerability.
b5085307d40df3ae3d9275ccf7a3969aRed Hat Security Advisory 2020-5173-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.4 serves as a replacement for Red Hat JBoss Web Server 5.3, and includes bug fixes, enhancements, and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a denial of service vulnerability.
c72ffe222101389c1405d5d32712cb6bUbuntu Security Notice 4637-2 - USN-4637-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubuntu 16.04 LTS. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across origins, bypass security restrictions, conduct phishing attacks, conduct cross-site scripting attacks, bypass Content Security Policy restrictions, conduct DNS rebinding attacks, or execute arbitrary code. Various other issues were also addressed.
8c15181a66199d7dd9ff0f8f1e832367Ubuntu Security Notice 4638-1 - It was discovered that c-ares incorrectly handled certain DNS requests. An attacker could possibly use this issue to cause a denial of service.
44f58c24d1c620f3c03815521bb69811Ubuntu Security Notice 4637-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across origins, bypass security restrictions, conduct phishing attacks, conduct cross-site scripting attacks, bypass Content Security Policy restrictions, conduct DNS rebinding attacks, or execute arbitrary code.
08275d480c462e399d22748a92c497efUbuntu Security Notice 4636-1 - It was discovered that LibVNCServer incorrectly handled certain internals. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Vino package ships with a LibVNCServer source and all listed releases were affected for this package.
c83ff523d65d2e8a8c0cdcee374049ceUbuntu Security Notice 4635-1 - Demi Obenour discovered that Kerberos incorrectly handled certain ASN.1. An attacker could possibly use this issue to cause a denial of service.
5a3d095b1a6ac63fd252bba333f2a7e2
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed