14 matches found
Mozilla Firefox Security Advisory (MFSA2013-87) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
CVE-2021-28249
CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. To exploit the vulnerability, the ehealth user must create a malicious library in the writable RPATH, to be dynamically linked when the FtpCollector executable is ru...
CVE-2021-28246
CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. A regular user must create a malicious library in the writable RPATH, to be dynamically linked when the emtgtctl2 executable is run. The code in the library will be...
Privilege escalation
UNSUPPORTED WHEN ASSIGNED CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. To exploit the vulnerability, the ehealth user must create a malicious library in the writable RPATH, to be dynamically linked when the...
Privilege escalation
UNSUPPORTED WHEN ASSIGNED CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. A regular user must create a malicious library in the writable RPATH, to be dynamically linked when the emtgtctl2 executable is run. The co...
CVE-2021-28249
CA eHealth Performance Manager up to version 6.3.2.12 is affected by a Privilege Escalation due to a Dynamically Linked Shared Object Library. An attacker must place a malicious library in the writable RPATH, which is loaded when the FtpCollector executable runs, causing the code in the library t...
CVE-2021-28249
CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. To exploit the vulnerability, the ehealth user must create a malicious library in the writable RPATH, to be dynamically linked when the FtpCollector executable is ru...
CVE-2021-28246
CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. A regular user must create a malicious library in the writable RPATH, to be dynamically linked when the emtgtctl2 executable is run. The code in the library will be...
CVE-2021-28246
CVE-2021-28246 affects CA eHealth Performance Manager up to version 6.3.2.12. The issue is a privilege-escalation defect where a regular user can place a malicious library in the writable RPATH, which is dynamically linked when the emtgtctl2 executable runs, causing the library code to execute wi...
CVE-2021-28246
CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. A regular user must create a malicious library in the writable RPATH, to be dynamically linked when the emtgtctl2 executable is run. The code in the library will be...
Aruba ClearPass Policy Manager tipsSimulationUpload command execution
Added: 08/13/2020 CVE: CVE-2020-7115 Background Aruba ClearPass is a network access control solution. Problem A vulnerability in the tipsSimulationUpload.action resource allows remote attackers to execute arbitrary commands by uploading a shared object library in the uploadClientCertFile paramete...
Aruba ClearPass Policy Manager tipsSimulationUpload command execution
Added: 08/13/2020 CVE: CVE-2020-7115 Background Aruba ClearPass is a network access control solution. Problem A vulnerability in the tipsSimulationUpload.action resource allows remote attackers to execute arbitrary commands by uploading a shared object library in the uploadClientCertFile paramete...
FreeBSD : mozilla -- multiple vulnerabilities (7dfed67b-20aa-11e3-b8d8-0025905a4771)
The Mozilla Project reports : MFSA 2013-76 Miscellaneous memory safety hazards rv:24.0 / rv:17.0.9 MFSA 2013-77 Improper state in HTML5 Tree Builder with templates MFSA 2013-78 Integer overflow in ANGLE library MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning MFSA 2013-8...
Shared object library loading from writable location — Mozilla
Mozilla developer Vladimir Vukicevic reported that Firefox for Android will optionally load a shared object .so library in order to enable GL tracing. When this is occurs, it can be from a world writable location, allowing for it to be replaced by malicious third party applications before it is...