RHEL 7 : libarchive (RHSA-2016:1844)

An update for libarchive is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

Scientific Linux Security Update : libarchive on SL7.x x86_64 (20160912)

Security Fixes : - A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with arbitrary data from the archive...

Important: Red Hat Security Advisory: libarchive security update

An update for libarchive is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

libarchive: Archive Entry with type 1 (hardlink), but has a non-zero data size file overwrite

A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with arbitrary data from the archive...

Archive-Tar-Minitar Directory Traversal Vulnerability

Minitar allows attackers to overwrite arbitrary files during archive extraction via a .. dot dot in an extracted filename. Analogous vulnerabilities for unzip and tar: https://www.cvedetails.com/cve/CVE-2001-1268/ and http://www.cvedetails.com/cve/CVE-2001-1267/ Credit: ecneladis...

QNAP QTS 4.2.1 Build 20160601 Arbitrary File Overwrite

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2016-053 Product: QNAP QTS Manufacturer: QNAP Affected Versions: 4.2.1 Build 20160601 Tested Versions: 4.2.1 Build 20160601 - 4.2.2 Build 20160812 Vulnerability Type: Arbitrary file overwrite CWE-23 Risk Level: High Solution Status...

GNU wget HTTP Redirect Arbitrary File Overwrite (CVE-2016-4971)

An arbitrary file overwrite vulnerability has been reported in the GNU wget. The vulnerability is due to wget trusting the filename provided by an FTP server when the original request is redirected from an HTTP server. A remote attacker can exploit this vulnerability by enticing a user to request...

The vulnerability of PHP software allows a malicious attacker to compromise the integrity and accessibility of protected information.

The vulnerability exists in the GD context component of PHP, due to the presence of the sequence %00 in path names. Exploiting this vulnerability allows malicious actors to overwrite arbitrary files using specially crafted input data that triggers the functions imagegd, imagegd2, imagegif,...

Debian DLA-542-1 : pidgin security update

Numerous security issues have been identified and fixed in Pidgin in Debian/Wheezy. CVE-2016-2365 MXIT Markup Command Denial of Service Vulnerability CVE-2016-2366 MXIT Table Command Denial of Service Vulnerability CVE-2016-2367 MXIT Avatar Length Memory Disclosure Vulnerability CVE-2016-2368 MXI...

lib32-gnutls: arbitrary file overwrite

Setuid programs using GnuTLS could potentially allow an attacker to overwrite and corrupt arbitrary files in the filesystem. This issue was introduced in GnuTLS 3.4.12 with the GNUTLSKEYLOGFILE environment variable handling via getenv and fixed in GnuTLS 3.4.13 by switching to securegetenv where...

FreeBSD-SA-16:22.libarchive

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-16:22.libarchive Security Advisory The FreeBSD Project Topic: Directory traversal in cpio1 Category: contrib Module: libarchive Announced: 2016-05-31 Credits:...

UCS Director Arbitrary File Overwrite Vulnerability

Cisco UCS Director is prone to a vulnerability that may allow attackers to over write arbitrary files. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

binutils: directory traversal vulnerability

A directory traversal flaw was found in the strip and objcopy utilities. A specially crafted file could cause strip or objdump to overwrite an arbitrary file writable by the user running either of these utilities...

libsndfile heap buffer overflow vulnerability

libsndfile is a C library developed by software developer Erik de Castro Lopo that reads and writes audio files in AIFF, AU, and WAV formats through standard interfaces. A heap buffer overflow vulnerability exists in libsndfile version 1.0.25. A remote attacker can exploit the vulnerability by...

NTP Arbitrary File Overwrite Vulnerability

NTP Network Time Protocol is a network protocol that synchronizes the clocks of two computers by exchanging packets. A security vulnerability exists in NTP versions prior to 4.2.8p4 and 4.3.x prior to 4.3.77. Since the program allows unlimited pidfile and driftfile paths to be set using the :conf...

Multiple Arbitrary File Overwrite Vulnerabilities in NTP

Network Time Protocol is a protocol used to synchronize a computer's time to its server or clock source e.g., quartz clock, GPS, etc.. The NTP :config command can set the pidfile and driftfile paths without restriction, allowing remote attackers to exploit this vulnerability to overwrite files on...

Mozilla Firefox < 40.0 Multiple Vulnerabilities

Binary data 8856.prm...

Mozilla Firefox ESR < 38.2

The version of Firefox ESR installed on the remote Windows host is prior to 38.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2015-83 advisory. - crash in @ stagefright::SampleTable::isValid with h264 mp4CVE-2015-4480 CVE-2015-4480 - MPEG4 saio Chunk Integer...

Atlassian JIRA < 5.1.5 SOAP API Arbitrary File Overwrite

According to its self-reported version number, the version of Atlassian JIRA hosted on the remote web server is prior to version 5.1.5. It is, therefore, potentially affected by an arbitrary file overwrite vulnerability in the SOAP API used by JIRA. A remote, unauthenticated attacker can exploit...

KLA10641 Multiple vulnerabilities in HP System Management Homepage

Multiple serious vulnerabilities have been found in HP System Management Homepage. Malicious users can exploit remotely these vulnerabilities to cause a denial of service, execution of arbitrary code, unauthorized modifications and access, disclosure of information and CSRF cross-site request...