[slackware-security] bind (SSA:2017-103-01)
Category Archives: Security
Bugtraq: [security bulletin] HPESBGN03728 rev.1 – HPE Operations Agent using OpenSSL, Remote Denial of Service (DoS), Unauthorized Access to Data
Bugtraq: [SYSS-2017-009] agorum core Pro – Improper Restriction of XML External Entity Reference ('XXE')
Bugtraq: concrete5 v8.1.0 Host Header Injection
RHEA-2017:0977-1: Red Hat Enterprise MRG Realtime 2.5 enhancement update
Red Hat Enterprise Linux: Updated Red Hat Enterprise MRG Realtime packages that add one enhancement are now available for Red Hat Enterprise MRG 2.5.
Exploit Kit Activity Quiets, But Is Far From Silent
Here are the exploit kits to watch for over the next three to six months.
Adobe Creative Cloud Desktop Application <= v4.0.0.185 Privilege Escalation
Posted by hyp3rlinx on Apr 14
[+] Credits: John Page aka hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/ADOBE-CREATIVE-CLOUD-PRIVILEGE-ESCALATION.txt
[+] ISR: apparitionSec
Vendor:
==============
www.adobe.com
Product:
========================================
Adobe Creative Cloud Desktop Application
<= v4.0.0.185
Vulnerability Type:
=====================
Privilege Escalation
CVE Reference:
==============…
CVE-2017-7861
Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc.c.
CVE-2017-7858
FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.
CVE-2017-7867
International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function.