Monthly Archive: December 2016

perl-Image-Info: When parsing an SVG file, external entity expansion (XXE) was not disabled. An attacker could craft an SVG file which, when processed by an application using perl-Image-Info, could cause denial of service or,...

perl-XML-Twig: The option to `expand_external_ents`, documented as controlling external entity expansion in XML::Twig does not work. External entities are always expanded, regardless of the option’s setting. Date published : 2016-12-22 http://www.securityfocus.com/bid/94219 http://www.openwall.com/lists/oss-security/2016/11/04/2

lynx: It was found that Lynx doesn’t parse the authority component of the URL correctly when the host name part ends with ‘?’, and could instead be tricked into connecting to a different host....

Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334. Date published : 2016-12-22 http://www.securityfocus.com/bid/93423...

sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with...

NetApp Snap Creator Framework before 4.3.1 discloses sensitive information which could be viewed by an unauthorized user. Date published : 2016-12-21 http://www.securityfocus.com/bid/95069 https://kb.netapp.com/support/s/article/NTAP-20161220-0001

python-docx before 0.8.6 allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted document. Date published : 2016-12-21 http://www.securityfocus.com/bid/91485 https://github.com/python-openxml/python-docx/blob/v0.8.6/HISTORY.rst

Remedy AR System Server in BMC Remedy 8.1 SP 2, 9.0, 9.0 SP 1, and 9.1 allows attackers to reset arbitrary passwords via a blank previous password. Date published : 2016-12-21 http://www.securityfocus.com/bid/95075 https://bmcsites.force.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA214000000l6kbCAA&type=Solution

In the Create Tags page of the Rapid7 Nexpose version 6.4.12 user interface, any authenticated user who has the capability to create tags can inject cross-site scripting (XSS) elements in the tag name field....

Untrusted search path vulnerability in Microsoft Auto Updater for Mac allows local users to gain privileges via a Trojan horse executable file, aka "Microsoft (MAU) Office Elevation of Privilege Vulnerability." Date published : 2016-12-20...

Microsoft Office 2007 SP3, Office 2010 SP2, Word Viewer, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via...

The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different...

The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different...

The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows...