Red Hat Security Advisory 2016-2825-01 – Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.5.0. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
Monthly Archives: November 2016
The FBI Used A Non-Public Vulnerability To Hack Suspects On Tor
Snoopers Law Creates Security Nightmare
German Spy Chief Kahl Warns Of Election Disruption
Expansion Of FBI Hacking Powers Looks Likely
Hackers Make New Claim In San Francisco Transit Ransomware Attack
perl-DBD-MySQL-4.033-4.fc23
This release fixes CVE-2016-1249 (out-of-bound read when using server-side prepared statements) and CVE-2016-1251 vulnerability (a use after free when using prepared statements).
CVE-2016-5685 (idrac7_firmware, idrac8_firmware)
Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow authenticated users to gain Bash shell access through a string injection.
900,000 Germans knocked offline, as critical router flaw exploited
As many as 900,000 Deutsche Telekom customers were knocked offline on Sunday and Monday as an attempt was made to hijack broadband routers into a botnet.
The post 900,000 Germans knocked offline, as critical router flaw exploited appeared first on We Live Security.
Google Chrome Accessibility blink::Node Corruption
A specially crafted web-page can trigger an unknown memory corruption vulnerability in Google Chrome Accessibility code. An attacker can cause code to attempt to execute a method of an object using a vftable, when the pointer to that object is not valid, or the object is not of the expected type. Successful exploitation can lead to arbitrary code execution.