The JasPer project is an open source implementation for the JPEG-2000 codec. The library is affected by two heap-based buffer overflows which can lead to arbitrary code execution. The vulnerability is present in functions jpc_dec_cp_setfromcox() and jpc_dec_cp_setfromrgn(). A specially crafted jp2 file, can be used to trigger the overflows. Versions 1.900.1 and below are affected.

PBBoard CMS version 3.0.1 (updated on 13/09/2014) and below suffer from multiple remote SQL injection vulnerabilities.

In this paper, they authors present an implementation vulnerability found in some popular social login identity providers (including LinkedIn, Amazon and Mydigipass.com) and show how this vulnerability allowed them to impersonate users of third-party websites.

Red Hat Security Advisory 2014-1955-01 – The wget package provides the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. A flaw was found in the way Wget handled symbolic links. A malicious FTP server could allow Wget running in the mirror mode to write an arbitrary file to a location writable to by the user running Wget, possibly leading to code execution. Note: This update changes the default value of the –retr-symlinks option. The file symbolic links are now traversed by default and pointed-to files are retrieved rather than creating a symbolic link locally.

Red Hat Security Advisory 2014-1956-01 – The wpa_supplicant package contains an 802.1X Supplicant with support for WEP, WPA, WPA2, and various EAP authentication methods. It implements key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. A command injection flaw was found in the way the wpa_cli utility executed action scripts. If wpa_cli was run in daemon mode to execute an action script, and wpa_supplicant was configured to connect to a P2P group, malicious P2P group parameters could cause wpa_cli to execute arbitrary code.

Debian Linux Security Advisory 3087-1 – Paolo Bonzini of Red Hat discovered that the blit region checks were insufficient in the Cirrus VGA emulator in qemu, a fast processor emulator. A privileged guest user could use this flaw to write into qemu address space on the host, potentially escalating their privileges to those of the qemu host process.

Ubuntu Security Notice 2431-2 – USN-2431-1 fixed vulnerabilities in mod_wsgi. The security update exposed an issue in the MAAS package, causing a regression. This update fixes the problem. It was discovered that mod_wsgi incorrectly handled errors when setting up the working directory and group access rights. A malicious application could possibly use this issue to cause a local privilege escalation when using daemon mode. Various other issues were also addressed.

Debian Linux Security Advisory 3086-1 – Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service, leaking sensitive information from memory or, potentially, execution of arbitrary code.

Ubuntu Security Notice 2433-1 – Steffen Bauch discovered that tcpdump incorrectly handled printing OSLR packets. A remote attacker could use this issue to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code. Steffen Bauch discovered that tcpdump incorrectly handled printing GeoNet packets. A remote attacker could use this issue to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 14.10. Various other issues were also addressed.

Debian Linux Security Advisory 3089-1 – Josh Duart of the Google Security Team discovered heap-based buffer overflow flaws in JasPer, a library for manipulating JPEG-2000 files, which could lead to denial of service (application crash) or the execution of arbitrary code.