4 matches found
Ubuntu 14.04 LTS : unzip vulnerabilities (USN-2472-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2472-1 advisory. Wolfgang Ettlinger discovered that unzip incorrectly handled certain malformed zip archives. If a user or automated system were tricked into processing a...
SEC Consult SA-20140402-0 :: Multiple vulnerabilities in Rhythm File Manager
SEC Consult Vulnerability Lab Security Advisory 20140402-0 ======================================================================= title: Multiple vulnerabilities product: Rhythm Software File Manager Rhythm Software File Manager HD vulnerable version: File Manager 1.16.6 File Manager HD 1.11.5...
Sophos Web Protection Appliance 3.7.8.1 XSS / Command Execution
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Sophos Web Protection Appliance vulnerable version: = 3.7.8.1 fixed version: 3.7.8.2 impact: Critical CVE number: CVE-2013-2641,...
Vulnerability in OpenSSL - TLS 1.1 and 1.2 AES-NI crash
A flaw in the OpenSSL handling of CBC ciphersuites in TLS 1.1 and TLS 1.2 on AES-NI supporting platforms can be exploited in a DoS attack. Found by Adam Langley and Wolfgang Ettlinger...