USN-4673-1: libproxy vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Li Fei discovered that libproxy incorrectly handled certain PAC files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. CVEs contained in this USN include:...

Ubuntu: Security Advisory (USN-4673-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4673-1 libproxy vulnerability

Li Fei discovered that libproxy incorrectly handled certain PAC files. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

USN-4673-1: libproxy vulnerability

Li Fei discovered that libproxy incorrectly handled certain PAC files. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : libproxy vulnerability (USN-4673-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4673-1 advisory. Li Fei discovered that libproxy incorrectly handled certain PAC files. An attacker could possibly use this issue to cause a crash or execu...

USN-4514-1 libproxy vulnerability

It was discovered that libproxy incorrectly handled certain PAC files. An attacker could possibly use this issue to cause a denial of service...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Thunderbird vulnerabilities (USN-3927-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3927-1 advisory. It was discovered that Thunderbird allowed PAC files to specify that requests to localhost are sent through the proxy to another...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Firefox vulnerabilities (USN-3874-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3874-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacke...

USN-3874-1 firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, gain additional privileges by escaping the sandbox, or execute arbitrary code. CVE-2018-18500,...

Google Patches Critical Remote Code Execution Bugs in Android OS

Google issued 44 patches for its Android operating system as part of its July Security Bulletin this week. Of those vulnerabilities, 11 were rated critical and the remainder were rated high in severity. The vulnerabilities varied from OS framework to Media framework bugs, including system and...

CVE-2017-5384

Proxy Auto-Config PAC files can specify a JavaScript function called for all URL requests with the full URL path which exposes more information than would be sent to the proxy itself in the case of HTTPS. Normally the Proxy Auto-Config file is specified by the user or machine owner and presumed t...

CVE-2017-5384

CVE-2017-5384 : Information disclosure via Proxy Auto-Config (PAC) in Firefox

USN-3223-1: KDE-Libs vulnerability

Itzik Kotler, Yonatan Fridburg, and Amit Klein discovered that KDE-Libs incorrectly handled certain PAC files. A remote attacker could possibly use this issue to obtain sensitive information...

Ubuntu: Security Advisory (USN-3223-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-5384

Proxy Auto-Config PAC files can specify a JavaScript function called for all URL requests with the full URL path which exposes more information than would be sent to the proxy itself in the case of HTTPS. Normally the Proxy Auto-Config file is specified by the user or machine owner and presumed t...

Security vulnerabilities fixed in Firefox 51 — Mozilla

JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. Use-after-free while manipulating XSL in XSLT documents A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, resulting in a potential...

Lattice Semiconductor PAC-Designer Symbol Value Buffer Overflow (CVE-2012-2915)

A stack buffer overflow vulnerability has been reported in Lattice Semiconductor PAC-Designer. The vulnerability is due to the improper handling of validation of specially crafted pac files. Successful exploitation would result in execution of arbitrary code, but requires tricking a user into...

Medium: libproxy

Issue Overview: A buffer overflow flaw was found in the way libproxy handled the downloading of proxy auto-configuration PAC files. A malicious server hosting a PAC file or a man-in-the-middle attacker could use this flaw to cause an application using libproxy to crash or, possibly, execute...

Scientific Linux Security Update : libproxy on SL6.x i386/x86_64 (20121114)

A buffer overflow flaw was found in the way libproxy handled the downloading of proxy auto-configuration PAC files. A malicious server hosting a PAC file or a man-in-the-middle attacker could use this flaw to cause an application using libproxy to crash or, possibly, execute arbitrary code, if th...

Ubuntu: Security Advisory (USN-1629-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...