Red Hat Security Advisory 2017-0455-01

March 7, 2017 007admin Leave a comment

Red Hat Security Advisory 2017-0455-01 – Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1.0 serves as a replacement for Red Hat JBoss Web Server 3.0.3, and includes enhancements. Multiple security issues have been addressed.

Security

Huawei HG658 V2 Cross Site Scripting

March 7, 2017 007admin Leave a comment

Huawei HG658 V2 suffers from a cross site scripting vulnerability.

Security

Agora-Project 3.2.2 Cross Site Scripting

March 7, 2017 007admin Leave a comment

Agora-Project version 3.2.2 suffers from a cross site scripting vulnerability.

Security

Job Portal Script 3.0 Cross Site Scripting / SQL Injection

March 7, 2017 007admin Leave a comment

Job Portal Script version 3.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

Debian

DSA-3805 firefox-esr – security update

March 7, 2017 007admin Leave a comment

Multiple security issues have been found in the Mozilla Firefox web
browser: Multiple memory safety errors, use-after-frees and other
implementation errors may lead to the execution of arbitrary code, ASLR
bypass, information disclosure or denial of service.

Debian

DSA-3803 texlive-base – security update

March 7, 2017 007admin Leave a comment

It was discovered that texlive-base, the TeX Live package which provides
the essential TeX programs and files, whitelists mpost as an external
program to be run from within the TeX source code (called write18).
Since mpost allows to specify other programs to be run, an attacker can
take advantage of this flaw for arbitrary code execution when compiling
a TeX document.

Debian