Secunia Research has discovered a vulnerability in Oracle Outside In, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a use-after-free error within vsvsdx.dll when processing the PageHeight and PageWidth values of a VSDX file, which can be exploited to corrupt memory via a specially crafted VSDX file. Successful exploitation may allow execution of arbitrary code. Versions 8.4.0, 8.5.1, 8.5.2, and 8.5.3 are affected.
9697a7c849f39a13926892d6b471d55b1281d9096e5b8186ba951919119c04ab
CA Technologies support is alerting customers about a medium-risk vulnerability that may allow a local attacker to gain additional privileges with products using CA Common Services running on the AIX, HP-UX, Linux, and Solaris platforms. The vulnerability, CVE-2016-9795, occurs due to insufficient validation by the casrvc program. A local unprivileged user can exploit the vulnerability to modify arbitrary files, which can potentially allow a local attacker to gain root-level access.
fc6c18b1ab288c81928a10a9339d929938fcd7120518c622254694d974c59667
WordPress FormBuilder plugin version 1.05 suffers from a cross-site request forgery vulnerability.
802b442dfa53531fd80f9ec001bf164207aa8164ff344771bb40415f62a94715
VirtualBox versions prior to 5.0.32 and prior to 5.1.14 suffer from a privilege escalation vulnerability.
fbc8f27ebd046afc3d15e93a02ab62b9b5e464ee5560c917a0d6571f8f1167c0
Joomla Store Locator component version 2.3.1.0 suffers from a cross-site scripting vulnerability.
69ac0cbe43a7053fc1a8b440d18caa470f6c9a5368bf65886509c810a03c6e25
EMC Data Protection Advisor contains a fix for a path traversal vulnerability that may potentially be exploited by malicious users to compromise the affected system. Versions 6.1.x, 6.2, 6.2.1, 6.2.2, and 6.2.3 prior to patch 446 are affected.
1399b4c25d75885ede6ffe39eddd5e40f0959f9e9f7b40269343455100f526fb
Cordova-Android versions 6.1.1 and below suffer from an insecure transport vulnerability due to the Gradle Distribution URL not using HTTPS by default.
d6bee6780400c2c31f859d15dc8af513d4a62cec6920be28a9ec3b5477f6e910
EMC Documentum versions 4.5 and 4.6 suffer from DQL injection and cross-site scripting vulnerabilities.
1fa1935776c0450f0c6cdea2c7600f969b1b60558c23fe2f89c44e6ca37d23f4
EMC Data Domain DD OS has been updated to fix a command injection vulnerability that could potentially be exploited by malicious users to compromise the affected system. Affected versions are 5.4, all 5.5 family versions prior to 5.5.5.0, all 5.6 family versions prior to 5.6.2.0, and all 5.7 family versions prior to 5.7.2.10.
3719ab75a9e74d2e20d08072be2aceabafc3b494f8af1bd2a3a39707e215f405
Joomla JTAG Calendar component version 6.2.4 suffers from a remote SQL injection vulnerability.
a4d0ea155714f1050a57d2e8d9c9f1c9306b6b785b9798cb7e6b4109de210ba5
RSA BSAFE Crypto-J versions prior to 6.2.2 suffer from improper OCSP validation and PKCS#12 timing attack vulnerabilities.
ab31c6b98b6ff07db4a9a779660f5967f97cb4172a52706352ff182ae3cb9252
MRF Web Administration Panel (SWMS) version 9.0.1 is vulnerable to OS command injection attacks.
f0aa656e6a7de9e427504db15b24aee38689c905553cf5d9c2b80a569ffbba77
EMC PowerPath Virtual Appliance is affected by a sensitive information disclosure vulnerability that may potentially be exploited by malicious users to compromise the affected system. Versions 2.0 and 2.0 SP1 are affected.
b686a3a955b58b02de9046c1ae26899038d003ce1ed99f6164b144454ff9f2e4
EMC RecoverPoint versions prior to 4.4.1.1 and 5.0 suffer from information disclosure and command injection vulnerabilities.
0ca4b3c6ebdf0150051ad3eed18350d2e8904925131165880fd50ece4d779fc2
RSA Web Threat Detection contains fixes for a cross-site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system. Versions 5.0, 5.1, and 5.1.2 are affected.
1c09ee7779d8cae0ef00e80b9c059864bc8bbabe7168d438d03104a558311d36