2495 matches found

ALT Linux
added 2017/06/21 12:0 a.m., 34 views

Security fix for the ALT Linux 10 package firefox-esr version 52.2.0-alt1

June 21, 2017 Andrey Cherepanov 52.2.0-alt1 - New ESR version 52.2.0 - Security fixes: + CVE-2017-5472: Use-after-free using destroyed node when regenerating trees + CVE-2017-7749: Use-after-free during docshell reloading + CVE-2017-7750: Use-after-free with track elements + CVE-2017-7751:...

7.5 CVSS, 10.3 AI score, 0.05216 EPSS
Exploits: 6

Prion
added 2017/06/20 5:29 p.m., 16 views

Remote code execution

Adobe Captivate versions 9 and earlier have a remote code execution vulnerability in the quiz reporting feature that could be abused to read and write arbitrary files to the server...

10 CVSS, 9.6 AI score, 0.0693 EPSS
Exploits: 0, References: 2, Affected Software: 1

OPENSUSE Linux
added 2017/06/20 12:9 a.m., 63 views

Security update for Mozilla based packages (important)

This update for Mozilla Firefox, Thunderbird, and NSS fixes the following issues: Mozilla Firefox was updated to 52.2esr boo1043960 MFSA 2017-16: CVE-2017-5472 bmo1365602 Use-after-free using destroyed node when regenerating trees CVE-2017-7749 bmo1355039 Use-after-free during docshell reloading...

0.8 AI score, 0.05216 EPSS
Exploits: 12, References: 2

OpenVAS
added 2017/06/20 12:0 a.m., 283 views

openSUSE: Security Advisory for Mozilla (openSUSE-SU-2017:1620-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8 CVSS, 8.3 AI score, 0.05216 EPSS
Exploits: 12, References: 1

Hacker One
added 2017/06/17 1:2 a.m., 21 views

Automattic: Multiple File Manipulation bugs in WP Super Cache

Summary I got redirected to report the vulnerabilities here by Brandon Kraft one of your developers, so I am reporting them here. Basically, the issue is caused because of insufficient filtering there is one but it can be bypassed For instance, in /wp-cache.php, you used: 1575: $page =...

0.2 AI score
Exploits: 0

OpenVAS
added 2017/06/15 12:0 a.m., 43 views

Mozilla Firefox ESR Security Advisories (MFSA2017-15, MFSA2017-16) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

9.8 CVSS, 8.1 AI score, 0.05216 EPSS
Exploits: 12, References: 4

Tenable Nessus
added 2017/06/15 12:0 a.m., 56 views

Mozilla Firefox < 54.0

The version of Firefox installed on the remote Windows host is prior to 54.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-15 advisory. - A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and...

9.8 CVSS, 7.1 AI score, 0.05216 EPSS
Exploits: 8, References: 25

RedhatCVE
added 2017/05/12 12:49 p.m., 32 views

CVE-2017-8386

A flaw was found in the way git-shell handled command-line options for the restricted set of git-shell commands. A remote, authenticated attacker could use this flaw to bypass git-shell restrictions, to view and manipulate files, by abusing the instance of the less command launched using crafted...

8.8 CVSS, 2.8 AI score, 0.11732 EPSS
Exploits: 2, References: 1

ThreatPost
added 2017/05/04 3:54 p.m., 7 views

Glaring Vulnerabilities Make Many Commercial Drones 'Insecure by Design'

Drones, many readily available on ecommerce shops such as Amazon, are plagued by vulnerabilities that could give attackers full root access to the device, read or delete files, or crash the device. The United States Computer Emergency Readiness Team US-CERT published a warning about one model, th...

8.3 AI score
Exploits: 0, References: 6

Kaspersky
added 2017/04/30 12:0 a.m., 47 views

KLA11007 Multiple vulnerabilities in Mozilla Thunderbird

Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, read and write local files. Below is a complete list of vulnerabilities: 1. A use-after-free vulnerabilit...

9.8 CVSS, 10 AI score, 0.18902 EPSS
Exploits: 24, References: 4

CVE
added 2017/04/27 8:0 p.m., 52 views

CVE-2017-8307

Affected software. Avast Antivirus (before v17) on Windows. Vulnerability and root cause. The LPC interface API exposed by the AvastSVC.exe Windows service can be abused to launch predefined binaries or replace/delete arbitrary files. This arises in the context of Avast Self-Defense and can be ex...

9.8 CVSS, 8.6 AI score, 0.01781 EPSS
Exploits: 1, References: 2, Affected Software: 1

RedhatCVE
added 2017/04/20 3:18 p.m., 25 views

CVE-2017-7885

Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to denial of service application crash or disclosure of sensitive information from process memory, because of an integer overflow in the jbig2decodesymboldict function in jbig2symboldict.c in libjbig2dec.a during operation on a craft...

7.1 CVSS, 4 AI score, 0.01182 EPSS
Exploits: 0, References: 1

CNVD
added 2017/04/13 12:0 a.m., 2 views

OurPHP administrator backend has arbitrary file operation vulnerability

OurPHP 傲派建站系统 is a website content management system developed using PHP language, the developer is Harbin Weicheng Technology Co. OurPHP version 1.7.1 suffers from an arbitrary file manipulation vulnerability that allows an attacker to manipulate any php file without logging in, resulting in...

7.3 AI score
Exploits: 0

Veracode
added 2017/04/03 7:57 a.m., 28 views

Remote Code Execution (RCE)

glassfish web-core is susceptible to remote code execution. It does not prevent NULL \0 byte injection in repository path of PartItem, allowing potential file manipulation via Java object deserialization. Moreover, it does not validate the existence of the NULL \0 byte when an older Java VM is...

10 CVSS, 9.8 AI score, 0.07493 EPSS
Exploits: 0, References: 2, Affected Software: 1

Cvelist
added 2017/03/07 4:0 p.m., 24 views

CVE-2016-6255

Portable UPnP SDK aka libupnp before 1.6.21 allows remote attackers to write to arbitrary files in the webroot via a POST request without a registered handler...

8.4 AI score, 0.26818 EPSS
Exploits: 4, References: 10

Gentoo Linux
added 2017/02/21 12:0 a.m., 59 views

Nagios: Multiple vulnerabilities

Background Nagios is an open source host, service and network monitoring program. Description Multiple vulnerabilities have been discovered in Nagios. Please review the CVE identifiers referenced below for details. Impact A local attacker, who either is already Nagios’s system user or belongs to...

10 CVSS, 8.7 AI score, 0.22684 EPSS
Exploits: 17

exploitpack
added 2017/02/18 12:0 a.m., 17 views

NETGEAR DGN2200v1v2v3v4 - ping.cgi Remote Command Execution

NETGEAR DGN2200v1v2v3v4 - ping.cgi Remote Command Execution !/usr/bin/python Provides access to default user account, privileges can be easily elevated by using either: - a kernel exploit ex. memodipper was tested and it worked - by executing /bin/bd suid backdoor present on SOME but not all...

0.2 AI score
Exploits: 0

0day.today
added 2017/02/16 12:0 a.m., 31 views

Coppermine Gallery 1.5.44 Directory Traversal Vulnerability

Exploit for php platform in category web applications Coppermine Gallery = 1.5.44 directory traversal vulnerability ============================================================== Coppermine is a multi-purpose fully-featured and integrated web picture gallery script written in PHP using GD or...

7.1 AI score
Exploits: 0

seebug.org
added 2017/02/13 12:0 a.m., 48 views

xercms \XerCMS\Services\admin\member.php the background file contains any SQL statement execution vulnerability

In the D:\phpStudy\WWW\xercms\XerCMS\Services\admin\forms. in php updateTemplate()function function updateTemplate $sname = g'sname';$data = stripslashesp'content'; fileputcontentsINC.' Data/forms/template/'.$ sname.'. htm',$data; $this-tips'finish',dreferer; You can see fileputcontentsINC.'...

7.7 AI score
Exploits: 0

Prion
added 2017/02/01 8:59 p.m., 10 views

Code injection

IBM Integration Bus and WebSphere Message broker sets incorrect permissions for an object that could allow a local attacker to manipulate certain files...

2.1 CVSS, 6.6 AI score, 0.0028 EPSS
Exploits: 0, References: 2, Affected Software: 2