[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 6004 Download | Alert*

An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function do_activate() does not properly sanitize shell metacharacters to prevent command injection. It is possible to use the ||, &&, or > characters within a file created by the "faxq-helper activate <jobid>" command.

Two input sanitization failures have been found in the faxrunq and faxq binaries in mgetty, a smart modem getty replacement. An attacker could leverage them to insert commands via shell metacharacters in jobs id and have them executed with the privilege of the faxrunq/faxq user.

GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c).

GNU Libextractor before 1.7 contains an infinite loop vulnerability in EXTRACTOR_mpeg_extract_method (mpeg_extractor.c).

GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c.

Debian Linux 8.0 (Jessie)

Several vulnerabilities were discovered in libextractor, a library to extract arbitrary meta-data from files, which may lead to denial of service or the execution of arbitrary code if a specially crafted file is opened.

Several vulnerabilities have been discovered in the chromium web browser. CVE-2018-16065 Brendon Tiszka discovered an out-of-bounds write issue in the v8 javascript library. CVE-2018-16066 cloudfuzzer discovered an out-of-bounds read issue in blink/webkit. CVE-2018-16067 Zhe Jin discovered an out-of-bounds read issue in the WebAudio implementation. CVE-2018-16068 Mark Brand discovered an out-of-bo ...

Pages:      Start    5    6    7    8    9    10    11    12    13    14    15    16    17    18    ..   600

© SecPod Technologies