Ubuntu 14.04 LTS / 16.04 LTS : Firefox regressions (USN-3544-2)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3544-2 advisory. USN-3544-1 fixed vulnerabilities in Firefox. The update caused a web compatibility regression and a tab crash during printing in some circumstances...

USN-3544-2: Firefox regressions

USN-3544-1 fixed vulnerabilities in Firefox. The update caused a web compatibility regression and a tab crash during printing in some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. I...

Veeam Backup & Replication support for vSphere

Purpose This article provides information about compatibility between vSphere and Veeam Backup & Replication. Solution The vSphere versions listed in this article include all applicable patches for those versions. vCenter Server versions and build numbers Build numbers and versions of VMware...

Compatibility update for upgrading to Windows 10 version 1703: February 13, 2018

Compatibility update for upgrading to Windows 10 version 1703: February 13, 2018 Summary This update makes improvements to ease the upgrade experience to Windows 10 version 1703. How to get this update Method 1 – Windows Update This update is available through Windows Update. It will be downloade...

RHEL 6 : jboss-ec2-eap (RHSA-2018:0275)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0275 advisory. The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services AWS Elastic...

[ASA-201801-23] libcurl-compat: multiple issues

Arch Linux Security Advisory ASA-201801-23 ========================================== Severity: Medium Date : 2018-01-29 CVE-ID : CVE-2018-1000005 CVE-2018-1000007 Package : libcurl-compat Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-595 Summary ======= The packag...

Fedora 26 : glibc (2018-8e27ad96ed)

This update addresses two security vulnerabilities : - CVE-2017-15670, CVE-2017-15671, CVE-2017-15804: Various vulnerabilities could lead to memory corruption in the glob and glob64 function. RHBZ1505298, RHBZ1504807 - CVE-2017-16997: Check for empty tokens before dynamic string token expansion i...

Description of the security update for Microsoft Office Compatibility Pack Service Pack 3: January 9, 2018

Description of the security update for Microsoft Office Compatibility Pack Service Pack 3: January 9, 2018 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about the...

Vulnerability of Microsoft Word text editor, the Microsoft Office Compability Pack, and other Microsoft Office programs, caused by an operation that goes beyond the buffer in memory, allowing attackers to execute arbitrary code.

The vulnerability of Microsoft Word, the Microsoft Office Compability Pack, and other Microsoft Office programs arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current...

The vulnerabilities of Microsoft Excel editors, Microsoft Excel Viewer for electronic spreadsheet viewing, and the Microsoft Office Compatibility Pack are caused by an operation that goes beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Excel editors, Microsoft Excel Viewer, and the Microsoft Office Compatibility Pack is related to improper handling of objects in memory. Exploitation of this vulnerability may allow a malicious actor to execute arbitrary code in the context of the current user...

Fedora 26 : php (2018-c4e9207c31)

PHP version 7.1.13 04 Jan 2018 Core: - Fixed bug php75573 Segmentation fault in 7.1.12 and 7.0.26. Laruence - Fixed bug php75384 PHP seems incompatible with OneDrive files on demand. Anatol - Fixed bug php74862 Unable to clone instance when private clone defined. Daniel Ciochiu - Fixed bug php750...

Fedora 27 : php (2018-d034538627)

PHP version 7.1.13 04 Jan 2018 Core: - Fixed bug php75573 Segmentation fault in 7.1.12 and 7.0.26. Laruence - Fixed bug php75384 PHP seems incompatible with OneDrive files on demand. Anatol - Fixed bug php74862 Unable to clone instance when private clone defined. Daniel Ciochiu - Fixed bug php750...

Fedora 27 : openssh (2017-96d1995b70)

This update provides new upstream release OpenSSH 7.6 with several bug fixes and new features, including CVE-2017-15906, compatibility with WinSCP, improvement for PAM stack, enablement for s390x sandbox, new GSSAPI key exchange methods and improvement of handling kerberos tickets. Note that...

Fedora 27 : glibc (2017-0d3fdd3d1f)

This update adds support for the IBM858 codepage RHBZ1416405. It moves the nsscompat NSS service module to the main glibc package RHBZ1400538. As a security hardening measure, stdio streams are no longer flushed on process abort/assertion failure RHBZ1498880. /var/db/Makefile is now included in t...

Microsoft Office Compatibility Pack Service Pack 3 Multiple RCE Vulnerabilities (KB4011607)

This host is missing a critical security update according to Microsoft KB4011607 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Office Compatibility Pack Service Pack 3 RCE Vulnerability (KB4011605)

This host is missing an important security update according to Microsoft KB4011605 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Ubuntu 14.04 LTS / 16.04 LTS : NVIDIA graphics drivers vulnerability (USN-3521-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3521-1 advisory. Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel...

Website Glitch Let Me Overstock My Coinbase

Coinbase and Overstock.com just fixed a serious glitch that allowed Overstock customers to buy any item at a tiny fraction of the listed price. Potentially more punishing, the flaw let anyone paying with bitcoin reap many times the authorized bitcoin refund amount on any canceled Overstock orders...

Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB4011607)

A security vulnerability exists in Microsoft Office Compatibility Pack Service Pack 3 that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...

[SECURITY] Fedora 26 Update: xrdp-0.9.5-1.fc26

xrdp provides a fully functional RDP server compatible with a wide range of RDP clients, including FreeRDP and Microsoft RDP client...