Ubuntu Security Notice 4030-1 - It was discovered that web2py does not properly check denied hosts before verifying passwords. An attacker could possibly use this issue to perform brute-force attacks. It was discovered that web2py allows remote attackers to obtain environment variable values. An attacker could possibly use this issue to gain administrative access. It was discovered that web2py uses a hardcoded encryption key. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
a99087702bd4f64f9a186902fa43b09a473e58c2c4153bcd31bfc5a32d36a29eGentoo Linux Security Advisory 201706-28 - Multiple vulnerabilities have been found in LibreOffice, the worst of which allows for the remote execution of arbitrary code. Versions less than 5.2.7.2 are affected.
18ccac86e7fcb5b42793ef6cb9f989623be1cd6625b8f7b60be444b45f2e8176Gentoo Linux Security Advisory 201706-14 - Multiple vulnerabilities have been found in FreeType, the worst of which allows remote attackers to execute arbitrary code. Versions less than 2.8 are affected.
d5896fe968f276e9777c40ceb6bb2ecf8c61938a3d77fd2a63e307b9529a3f09Ubuntu Security Notice 3273-1 - It was discovered that LibreOffice incorrectly handled EMF image files. If a user were tricked into opening a specially crafted EMF image file, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code.
c672a47292266207af7ebcb4b5b7c724ec65987fb8dc64aff2c139a7d7cc5fb5Ubuntu Security Notice 3263-1 - It was discovered that a heap-based buffer overflow existed in the FreeType library. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, resulting in a denial of service, or possibly execute arbitrary code.
747e1ff3f00647b55dbee7c25069f1800bd121b726e4535c919257812b4cb181Red Hat Security Advisory 2016-0610-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 11.2.202.616. Security Fix: This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.
5145ad8c00fcfd2b59e1d57411a22febeb7e651b05d88217b455d025ff236f82
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed