Posted by Haifei Li on Mar 28
Hi,
Just wanted to let you know I’ve released a blog post discussing an interesting Outlook bug (remote crashing, or?),
feel free to reach me for discussions of the exploitability of the bug.
http://justhaifei1.blogspot.com/2017/03/an-interesting-outlook-bug.html
An Interesting Outlook Bug<http://justhaifei1.blogspot.com/2017/03/an-interesting-outlook-bug.html>
justhaifei1.blogspot.com
Last week I reported an interesting bug in…
An update for Red Hat Enterprise Linux Amazon Machine Image is now available for
Red Hat Enterprise Linux 6.
Updated Red Hat Directory Server packages that fix one bug are now
available for Red Hat Directory Server 9.
Red Hat Enterprise Linux: Updated yum-rhn-plugin packages that fix one bug are now available for Red Hat
Enterprise Linux 6.5 Advanced Update Support.
Updated Red Hat Update Infrastructure 2.x packages that enable additional
content streams such as AUS and ELS
Posted by hyp3rlinx on Mar 28
[+] Credits: John Page AKA hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/DZSOFT-v4.2.7-PHP-EDITOR-FILE-ENUMERATION.txt
[+] ISR: ApparitionSec
Vendor:
==============
www.dzsoft.com
Product:
=========================
DzSoft PHP Editor v4.2.7
DzSoft PHP Editor is a tool for writing and testing PHP and HTML pages.
Vulnerability Type:
====================
File Enumeration
CVE Reference:…
27th March, 2017
A security issue affects these releases of Ubuntu and its
derivatives:
GStreamer Base Plugins could be made to crash if it opened a specially
crafted file.
Hanno Böck discovered that GStreamer Base Plugins did not correctly handle
certain malformed media files. If a user were tricked into opening a
crafted media file with a GStreamer application, an attacker could cause a
denial of service via application crash.
The problem can be corrected by updating your system to the following
package version:
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.
27th March, 2017
A security issue affects these releases of Ubuntu and its
derivatives:
GStreamer Good Plugins could be made to crash if it opened a specially
crafted file.
Hanno Böck discovered that GStreamer Good Plugins did not correctly handle
certain malformed media files. If a user were tricked into opening a
crafted media file with a GStreamer application, an attacker could cause a
denial of service via application crash.
The problem can be corrected by updating your system to the following
package version:
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.
27th March, 2017
A security issue affects these releases of Ubuntu and its
derivatives:
Eject could be made to run programs as an administrator.
Ilja Van Sprundel discovered that dmcrypt-get-device incorrectly checked setuid
and setgid return values. A local attacker could use this issue to execute code
as an administrator.
The problem can be corrected by updating your system to the following
package version:
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.
A code execution vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to heap overflow vulnerability in the JPEG decoder routine. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted JPEG file.