OPENSUSE-SU-2020:0944-1 Security update for live555

This update for live555 fixes the following issues: - CVE-2019-9215: Malformed headers could have lead to invalid memory access in the parseAuthorizationHeader function. boo1127341 - CVE-2019-7314: Mishandled termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up could have lead t...

Samsung Mobile Device Injection Vulnerability (CNVD-2020-32826)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. Samsung mobile devices have an injection vulnerability that can be exploited by an attacker to change dynamic libraries and execute arbitrary code with the privileg...

CVE-2017-18652

An issue was discovered on Samsung mobile devices with M6.0 and N7.x software. SVoice allows arbitrary code execution by changing dynamic libraries. The Samsung ID is SVE-2017-9299 September 2017...

Code injection

An issue was discovered on Samsung mobile devices with M6.0 and N7.x software. SVoice allows arbitrary code execution by changing dynamic libraries. The Samsung ID is SVE-2017-9299 September 2017...

CVE-2017-18652

CVE-2017-18652 affects Samsung mobile devices running M(6.0) and N(7.x). The issue is that SVoice can be exploited to execute arbitrary code by manipulating dynamic libraries, enabling code execution with the privileges of the compromised process. The vulnerability is tied to the SVoice component...

CVE-2019-18829

Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The Barco signed 'ClickshareForWindows.exe' binary on the ClickShare Button R9861500D01 loads a number of DLL files dynamically without verifying their integrity...

Avast antivirus and AVG antivirus DLL hijacking vulnerability

Avast Antivirus is a suite of antivirus software from the Czech company Avast.AVG AntiVirus is an antivirus and anti-backdoor antivirus program.Avira Antivirus engine is an antivirus engine from the German company Avira.Avast Antivirus is a suite of antivirus software from the Czech company...

OPENSUSE-SU-2019:1880-1 Security update for live555

This update for live555 fixes the following issues: - CVE-2019-9215: Malformed headers could have lead to invalid memory access in the parseAuthorizationHeader function. boo1127341 - CVE-2019-7314: Mishandled termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up could have lead t...

Security update for live555 (moderate)

openSUSE Security Update: Security update for live555 Announcement ID: openSUSE-SU-2019:1880-1 Rating: moderate References: 1121995 1124159 1127341 Cross-References: CVE-2019-7314 CVE-2019-9215 Affected Products: openSUSE Backports SLE-15-SP1 An update that solves two vulnerabilities and has one...

openSUSE Security Update : live555 (openSUSE-2019-1797)

This update for live555 fixes the following issues : - CVE-2019-9215: Malformed headers could have lead to invalid memory access in the parseAuthorizationHeader function. boo1127341 - CVE-2019-7314: Mishandled termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up could have lead ...

OPENSUSE-SU-2019:1797-1 Security update for live555

This update for live555 fixes the following issues: - CVE-2019-9215: Malformed headers could have lead to invalid memory access in the parseAuthorizationHeader function. boo1127341 - CVE-2019-7314: Mishandled termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up could have lead t...

Security update for live555 (moderate)

openSUSE Security Update: Security update for live555 Announcement ID: openSUSE-SU-2019:1797-1 Rating: moderate References: 1121995 1124159 1127341 Cross-References: CVE-2019-7314 CVE-2019-9215 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 openSUSE Backports SLE-15 An update that solve...

PT-2019-2135 · Cisco · Cisco Directory Connector

Name of the Vulnerable Software and Affected Versions: Cisco Directory Connector affected versions not specified Description: The issue is related to uncontrolled search path elements in the search path processing of Cisco Directory Connector. This could allow an authenticated, local attacker to...

CVE-2019-0809

A remote code execution vulnerability exists when the Visual Studio C++ Redistributable Installer improperly validates input before loading dynamic link library DLL files, aka 'Visual Studio Remote Code Execution Vulnerability'...

The installer of Baidu Browser may insecurely load Dynamic Link Libraries

Overview Baidu Browser provided by Baidu, Inc. is a Web browser. The installer of Baidu Browser contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Asuka Nakajima of NTT Secure Platform Laboratories reported this vulnerability to IPA...

Susie plug-in "axpdfium" may insecurely load Dynamic Link Libraries

Overview Susie plug-in "axpdfium" contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user running the program where "axpdfium" is used. Solution Update the plug-in Update...

The installer of PhishWall Client Internet Explorer edition may insecurely load Dynamic Link Libraries

Overview PhishWall Client Internet Explorer edition provided by SecureBrain Corporation is anti-phishing and anti-MITB software. The installer of PhishWall Client Internet Explorer edition contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries...

CVE-2018-6766

Swisscom TVMediaHelper 1.1.0.50 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to the way .dll files are loaded. It allows an attacker to load a .dll of the attacker's choosing that coul...

Install program and Installer of i-filter 6.0 may insecurely load Dynamic Link Libraries and invoke executable files

Overview i-filter 6.0 provided by Digital Arts Inc. is web filtering and parental control software. The install program is designed to download the installer via the internet and execute it. The i-filter 6.0 install program and installer contain the following vulnerabilities. Eili Masami of...

Multiple Fuji Xerox products may insecurely load Dynamic Link Libraries

Overview Installers of multiple products, and DocuWorks self-extracting documents provided by Fuji Xerox Co.,Ltd. contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA...