Ubuntu Security Notice 2735-1 - It was discovered that the DOM tree could be corrupted during parsing in some circumstances. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions or cause a denial of service. An issue was discovered in NavigatorServiceWorker::serviceWorker in Blink. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. Various other issues were also addressed.
34404c3aa939d84733b01c04b4b1384782624e95f780584b0fd09a3cb3ecb9a5
IBM AIX High Availability Cluster Multiprocessing (HACMP) suffers from a local privilege escalation vulnerability that results in root privileges.
3ac694d8bab5e91c89a1a22c19c92ca256b437e1c481b03c02500c457e4526a0
Cisco Sourcefire User Agent version 2.2 suffers from an insecure file permissions vulnerability.
f9ec0ff4ed5a3e12400b81d08aa5940551ad31df9356b52220128454c88018a4
This bulletin summary lists twelve released Microsoft security bulletins for September, 2015.
f5193aef5c390b2597034e6421805cf19e2d548217a560e20bf8efffac0d1631
This bulletin summary lists one bulletin that has undergone a major revision increment for September, 2015.
61842becf18d1cf65ddf6d662560ef4747b9abdc884d9030aa10b51bc719c5c2
VeryPDF HTML Converter version 2.0 SEH/ToLower() bypass buffer overflow exploit.
e86db11239fffa2d87876c39a853d9f11bc0b17d24e60ab24af1de7f2512c85d
Ubuntu Security Notice 2736-1 - Frediano Ziglio discovered that Spice incorrectly handled monitor configs. A malicious guest could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile.
7198335bfdc3a5479ff70cf093ab5c6e873bf28bd1f3f11a4701e6b9421355d9
Red Hat Security Advisory 2015-1742-01 - Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP. An assertion failure flaw was found in the way the SVN server processed certain requests with dynamically evaluated revision numbers. A remote attacker could use this flaw to cause the SVN server to crash.
5598afe1762e5d2f9730eef6f62ee1c4319359beffb6f3ee693c7c00a2399fd6
Red Hat Security Advisory 2015-1741-01 - HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. An implementation error related to the memory management of requests and responses was found within HAProxy's buffer_slow_realign() function. An unauthenticated remote attacker could possibly use this flaw to leak certain memory buffer contents from a past request or session. All haproxy users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
a1868fb9dedf29fa4bb599e9106f07d547ff3ee2b7818f9cbe0a86b2f67ecc40
Red Hat Security Advisory 2015-1740-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. An information leak flaw was found in the way QEMU's RTL8139 emulation implementation processed network packets under the RTL8139 controller's C+ mode of operation. An unprivileged guest user could use this flaw to read up to 65 KB of uninitialized QEMU heap memory.
347a92a9e5cac31f79b49c041b01f3ddec0f33984998b9dfec481009f2f1ed1a
Red Hat Security Advisory 2015-1739-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. An information leak flaw was found in the way QEMU's RTL8139 emulation implementation processed network packets under the RTL8139 controller's C+ mode of operation. An unprivileged guest user could use this flaw to read up to 65 KB of uninitialized QEMU heap memory.
591e95b188bc9c54b60210a35666f31d2ff569ad7ca35c252848eb40a2fd9074
WordPress Easy Media Gallery plugin version 1.3.47 suffers from a stored cross-site scripting vulnerability.
2aa1cca005dbf2916fc30b3389929efd09d8fabec255a96d17c3ddf946ac3351
Disconnect.me versions 2.0 and below suffer from a local privilege escalation vulnerability on Mac OS X.
c9dbb506c64347ed7c7856a009d1aaf86f85e2756fd4d256803477716b89bdec
This is a Perl script for performing SQL injection scans against a target site.
139b62728dd6b4c9441400351f509ee6364315609ff302ac2730a8b6939a0de3
Python code leveraging Linux/x86 shellcode to create a file with 7775 permissions and exit.
1d802accfe54f044768cc7b8b0d857b73231ea163f8fb4deb43fce5ff31004a2
Small (31 bytes) Linux/x86 shellcode that creates a file with 7775 permissions.
4a3058b5f7477a6e984f0c3f476c9405bb5d7af3103b0b1f76a97bd69e6443c0