[slackware-security] bind (SSA:2017-103-01)
Category Archives: Security
Security
Bugtraq: [security bulletin] HPESBGN03728 rev.1 – HPE Operations Agent using OpenSSL, Remote Denial of Service (DoS), Unauthorized Access to Data
[security bulletin] HPESBGN03728 rev.1 – HPE Operations Agent using OpenSSL, Remote Denial of Service (DoS), Unauthorized Access to Data
Bugtraq: [SYSS-2017-009] agorum core Pro – Improper Restriction of XML External Entity Reference ('XXE')
[SYSS-2017-009] agorum core Pro – Improper Restriction of XML External Entity Reference (‘XXE’)
Bugtraq: concrete5 v8.1.0 Host Header Injection
concrete5 v8.1.0 Host Header Injection
RHEA-2017:0977-1: Red Hat Enterprise MRG Realtime 2.5 enhancement update
Red Hat Enterprise Linux: Updated Red Hat Enterprise MRG Realtime packages that add one enhancement are
now available for Red Hat Enterprise MRG 2.5.
Exploit Kit Activity Quiets, But Is Far From Silent
Here are the exploit kits to watch for over the next three to six months.
Adobe Creative Cloud Desktop Application <= v4.0.0.185 Privilege Escalation
Posted by hyp3rlinx on Apr 14
[+] Credits: John Page aka hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/ADOBE-CREATIVE-CLOUD-PRIVILEGE-ESCALATION.txt
[+] ISR: apparitionSec
Vendor:
==============
www.adobe.com
Product:
========================================
Adobe Creative Cloud Desktop Application
<= v4.0.0.185
Vulnerability Type:
=====================
Privilege Escalation
CVE Reference:
==============…
CVE-2017-7866
FFmpeg before 2017-01-23 has an out-of-bounds write caused by a stack-based buffer overflow related to the decode_zbuf function in libavcodec/pngdec.c.
CVE-2016-10327
LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx.
CVE-2017-7865
FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c.