A potential remote code execution vulnerability exists in the PDF parsing functionality of Nitro Pro 10. A specially crafted PDF file can cause a vulnerability resulting in potential code execution. An attacker can send the victim a specific PDF file to trigger this vulnerability.
Monthly Archives: February 2017
The core security components of Avast 2017
Technology has become an integral part of our lives – at work, at school, and at home – even on our bodies. Without security, we wouldn’t be nearly as productive or enjoy the benefits it brings to our lives. The range of devices and the numerous attack vectors the bad guys have at their disposal calls for technologically advanced cybersecurity. The days of simple antivirus scans are gone. Modern systems of threat detection include core processes such as structural analysis, behavioral scanning, and cloud-based intelligence.
1.5M Unpatched WordPress Sites Hacked Following Vulnerability Disclosure
WordPress security experts said that 1.5M sites have been defaced following the disclosure of a silently fixed content injection vulnerability.
kernel-4.9.9-100.fc24
The 4.9.9. update contains a number of important fixes across the tree
InfoSec 2017 Call For Papers
The Call For Papers for InfoSec 2017 has been announced. It will be hosted by the Faculty of Management, Comenius University in Bratislava, Slovakia on June 29th through July 1st, 2017.
Ubuntu Security Notice USN-3190-2
Ubuntu Security Notice 3190-2 – Mikulas Patocka discovered that the asynchronous multibuffer cryptographic daemon in the Linux kernel did not properly handle being invoked with incompatible algorithms. A local attacker could use this to cause a denial of service. It was discovered that a use-after-free existed in the KVM susbsystem of the Linux kernel when creating devices. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
Ubuntu Security Notice USN-3195-1
Ubuntu Security Notice 3195-1 – James Page discovered that Nova-LXD incorrectly set up virtual network devices when creating LXD instances. This could result in an unintended firewall configuration.