Hanno Boeck discovered multiple vulnerabilities in the GStreamer media
framework and its codecs and demuxers, which may result in denial of
service or the execution of arbitrary code if a malformed media file is
opened.
All posts by 007admin
DSA-3821 gst-plugins-ugly1.0 – security update
Hanno Boeck discovered multiple vulnerabilities in the GStreamer media
framework and its codecs and demuxers, which may result in denial of
service or the execution of arbitrary code if a malformed media file is
opened.
DSA-3820 gst-plugins-good1.0 – security update
Hanno Boeck discovered multiple vulnerabilities in the GStreamer media
framework and its codecs and demuxers, which may result in denial of
service or the execution of arbitrary code if a malformed media file is
opened.
DSA-3822 gstreamer1.0 – security update
Hanno Boeck discovered multiple vulnerabilities in the GStreamer media
framework and its codecs and demuxers, which may result in denial of
service or the execution of arbitrary code if a malformed media file is
opened.
DSA-3819 gst-plugins-base1.0 – security update
Hanno Boeck discovered multiple vulnerabilities in the GStreamer media
framework and its codecs and demuxers, which may result in denial of
service or the execution of arbitrary code if a malformed media file is
opened.
Vuln: Mozilla Firefox and Thunderbird CVE-2017-5400 Multiple Memory-Corruption Vulnerabilities
Mozilla Firefox and Thunderbird CVE-2017-5400 Multiple Memory-Corruption Vulnerabilities
Vuln: Mozilla Firefox and Thunderbird Multiple Use After Free Denial of Service Vulnerabilities
Mozilla Firefox and Thunderbird Multiple Use After Free Denial of Service Vulnerabilities
Vuln: Mozilla Firefox and Thunderbird CVE-2017-5401 Memory Corruption Vulnerability
Mozilla Firefox and Thunderbird CVE-2017-5401 Memory Corruption Vulnerability
Vuln: Mozilla Firefox and Thunderbird Multiple Security Vulnerabilities
Mozilla Firefox and Thunderbird Multiple Security Vulnerabilities
CVE-2017-5622
With OxygenOS before 4.0.3, when a charger is connected to a powered-off OnePlus 3 or 3T device, the platform starts with adbd enabled. Therefore, a malicious charger or a physical attacker can open up, without authorization, an ADB session with the device, in order to further exploit other vulnerabilities and/or exfiltrate sensitive information.