[SECURITY] Fedora 24 Update: qemu-2.6.2-8.fc24

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

Hancom Thinkfree NEO Hangul Word Processor HWPTAG_TAB_DEF Tab Count Code Execution Vulnerability

Summary An exploitable heap-based buffer overflow exists in the Hangul Word Processor component version 9.6.1.4350 of Hancom Thinkfree Office NEO 9.6.1.4902. A specially crafted document stream can cause an integer underflow resulting in a buffer overflow which can lead to code execution under th...

NVIDIA GPU Display Driver Local Elevation of Privilege Vulnerability (CNVD-2017-07279)

NVIDIA GPU Display Driver is a set of graphics processor GPU graphics card drivers from NVIDIA. A security vulnerability exists in the kernel mode layer handler in NVIDIA GPU Display Driver due to the program failing to properly validate user-submitted values during offset calculations. An attack...

Dolby DAX2 and DAX3 power-up vulnerability

Dolby DAX2 and DAX3 are industry standard software programs developed by Dolby Laboratories for a wide range of vendors. A privilege extraction vulnerability exists in the Dolby DAX2 versions 1.0,1.0.1,1.1,1.1.1,1.2,1.3,1.3.1,1.3.2,1.4,1.4.1,1.4.2,1.4.3,1.4.4 and DAX3 versions 1.0 and 1.1 API...

PT-2017-4163

Name of the Vulnerable Software and Affected Versions Artifex Ghostscript versions through 2017-04-26 Description The issue is related to a type confusion vulnerability in the .rsdparams operator, allowing remote command execution and bypass of the -dSAFER protection mechanism. This can be achiev...

CVE-2017-6613

A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service DoS condition on the affected system. The vulnerability is due to...

Apache FOP XML External Entity Injection Vulnerability

Apache FOP Formatting Object Processor is a U.S. Apache Apache Software Foundation by the XSL Formatting Object XSL-FO and output-independent formatting program driven by the print formatting program. It can read the Formatting Object FO tree and render the resulting page to the specified output...

Moderate: Red Hat Security Advisory: libreoffice security update

An update for libreoffice is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

Design/Logic Flaw

In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in t...

CVE-2017-5651

In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in t...

CVE-2017-5651

In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in t...

CVE-2017-5651

In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in t...

Writing a libemu/Unicorn Compatability Layer

In this post we are going to take a quick look at what it takes to write a libemu compatibility layer for the Unicorn engine. In the course of this work, we will also import the libemu Win32 environment to run under Unicorn. For a bit of background, libemu is a lightweight x86 emulator written in...

Writing a libemu/Unicorn Compatability Layer

In this post we are going to take a quick look at what it takes to write a libemu compatibility layer for the Unicorn engine. In the course of this work, we will also import the libemu Win32 environment to run under Unicorn. For a bit of background, libemu is a lightweight x86 emulator written in...

Writing a libemu/Unicorn Compatability Layer

In this post we are going to take a quick look at what it takes to write a libemu compatibility layer for the Unicorn engine. In the course of this work, we will also import the libemu Win32 environment to run under Unicorn. For a bit of background, libemu is a lightweight x86 emulator written in...

Wireshark SLSK Dissector 'dissectors / packet-slsk.c' infinite loop denial of service vulnerability

Wireshark formerly known as Ethereal is a network packet analyzer software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. Wireshark is prone to a remote denial of service vulnerability because it is unable to...

Moderate: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

tomcat: information disclosure due to incorrect Processor sharing

A bug was discovered in the error handling of the send file code for the NIO HTTP connector. This led to the current Processor object being added to the Processor cache multiple times allowing information leakage between requests including, and not limited to, session ID and the response body...

Information Disclosure

tomcat-coyote is vulnerable to information disclosure. If the send file process completed quickly, it is possible for a processor to be added to the processor cache twice, resulting in the same process being reused for multiple requests. A malicious user could gain access to this processor to...

CVE-2017-0329

An elevation of privilege vulnerability in the NVIDIA boot and power management processor driver could enable a local malicious application to execute arbitrary code within the context of the boot and power management processor. This issue is rated as High because it first requires compromising a...