CVE-2018-1303

A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of modcachesocache. The vulnerability is considere...

CVE-2018-1303

A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of modcachesocache. The vulnerability is considere...

CVE-2018-1303

A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of modcachesocache. The vulnerability is considere...

Chromium: Calling "mojo::WrapSharedMemoryHandle" is insufficient to produce read-only descriptors for IPC(CVE-2018-6063)

VULNERABILITY DETAILS The "mojo::WrapSharedMemoryHandle" function is used to produce a "base::SharedBufferHandle" wrapping a given "base::SharedMemoryHandle". The created buffer handle can be sent over Mojo IPC to remote endpoints, including across process boundaries. In some cases, shared memory...

RHEL 6 : chromium-browser (RHSA-2018:0484)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2018:0484 advisory. Chromium is an open-source web browser, powered by WebKit Blink. This update upgrades Chromium to version 65.0.3325.146. Security Fixes:...

chromium-browser: incorrect permissions on shared memory

Lack of special casing of Android ashmem in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to bypass inter-process read only guarantees via a crafted HTML page...

chromium-browser: incorrect permissions on shared memory

Incorrect use of mojo::WrapSharedMemoryHandle in Mojo in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page...

Google Chrome Multiple Security Vulnerabilities (Mar 2018) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Google Chrome Multiple Security Vulnerabilities (Mar 2018) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 65 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 65.0.3325.146 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcomin...

IBM Client Application Access and Notes Elevation of Privilege Vulnerability (CNVD-2018-03879)

IBM Client Application Access and IBM Notes are both products of IBM Corporation in the U.S. IBM Client Application Access is a set of tools for accessing local applications.IBM Notes is a set of collaborative office software. An elevation of privilege vulnerability exists in IBM Client Applicati...

IBM Client Application Access Elevation of Privilege Vulnerability

IBM Client Application Access and IBM Notes for Windows are both products of IBM Corporation.IBM Notes for Windows is a set of collaborative office software based on the Windows platform.IBM Client Application Access is a set of tools for accessing local applications based on the Windows platform...

IBM Client Application Access elevation of privilege vulnerability (CNVD-2018-03876)

IBM Client Application Access and IBM Notes for Windows are both products of IBM Corporation.IBM Notes for Windows is a set of collaborative office software based on the Windows platform.IBM Client Application Access is a set of tools for accessing local applications based on the Windows platform...

IBM Client Application Access elevation of privilege vulnerability (CNVD-2018-03868)

IBM Client Application Access and IBM Notes for Windows are both products of IBM Corporation.IBM Notes for Windows is a set of collaborative office software based on the Windows platform.IBM Client Application Access is a set of tools for accessing local applications based on the Windows platform...

Design/Logic Flaw

IBM Notes Diagnostics IBM Client Application Access and IBM Notes could allow a local user to execute commands on the system. By crafting a command line sent via the shared memory IPC, which could be tricked into executing an executable chosen by the attacker. IBM X-Force ID: 138709...

CVE-2018-1411

IBM Notes Diagnostics IBM Client Application Access and IBM Notes could allow a local user to execute commands on the system. By crafting a command line sent via the shared memory IPC, which could be tricked into executing an executable chosen by the attacker. IBM X-Force ID: 138710...

Design/Logic Flaw

IBM Notes Diagnostics IBM Client Application Access and IBM Notes could allow a local user to execute commands on the system. By crafting a command line sent via the shared memory IPC, which could be tricked into executing an executable chosen by the attacker. IBM X-Force ID: 138708...

Design/Logic Flaw

IBM Notes Diagnostics IBM Client Application Access and IBM Notes could allow a local user to execute commands on the system. By crafting a command line sent via the shared memory IPC, which could be tricked into executing an executable chosen by the attacker. IBM X-Force ID: 138710...

CVE-2018-1410

IBM Notes Diagnostics IBM Client Application Access and IBM Notes could allow a local user to execute commands on the system. By crafting a command line sent via the shared memory IPC, which could be tricked into executing an executable chosen by the attacker. IBM X-Force ID: 138709...

CVE-2018-1410

IBM Notes Diagnostics IBM Client Application Access and IBM Notes could allow a local user to execute commands on the system. By crafting a command line sent via the shared memory IPC, which could be tricked into executing an executable chosen by the attacker. IBM X-Force ID: 138709...