CVE-2018-11225
The dcputs function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation...
An issue was discovered in Libav 12.3. A read access violation in the in_table_init16 function in libavcodec/aacsbr.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv. Date published...
The header::add_FORMAT_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted vcf file. Date published : 2018-05-17 http://seclists.org/fulldisclosure/2018/May/43...
The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted vcf file. Date published : 2018-05-17 http://seclists.org/fulldisclosure/2018/May/43...
The ObjReader::ReadObj() function in ObjReader.cpp in vincent0629 PDFParser allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly execute arbitrary code via a crafted pdf file. Date published : 2018-05-17...
Services/COPage/classes/class.ilPCSourceCode.php in ILIAS 5.1.x, 5.2.x, and 5.3.x before 5.3.5 has XSS. Date published : 2018-05-17 https://github.com/ILIAS-eLearning/ILIAS/commit/7959485406eb981976b64fee363cf950603924ed https://www.ilias.de/docu/goto.php?target=st_229
ILIAS 5.1.x, 5.2.x, and 5.3.x before 5.3.5 redirects a logged-in user to a third-party site via the return_to_url parameter. Date published : 2018-05-17 https://github.com/ILIAS-eLearning/ILIAS/commit/01a24cf04fe8dddf1da59ca497580637973482b6 https://www.ilias.de/docu/goto.php?target=st_229
The RSS subsystem in ILIAS 5.1.x, 5.2.x, and 5.3.x before 5.3.5 has XSS via a URI to Services/Feeds/classes/class.ilExternalFeedItem.php. Date published : 2018-05-17 https://github.com/ILIAS-eLearning/ILIAS/commit/6b2217c31b6974788a5c787413454475687b44bb https://github.com/ILIAS-eLearning/ILIAS/commit/d0dcad1b1e729f694acd0582bc626c7c8e62b519
Services/Feeds/classes/class.ilExternalFeedItem.php in ILIAS 5.1.x, 5.2.x, and 5.3.x before 5.3.5 has XSS via a link attribute. Date published : 2018-05-17 https://github.com/ILIAS-eLearning/ILIAS/commit/ff9bf29858f2dbffe828711a6f8bf37038c00d77 https://www.ilias.de/docu/goto.php?target=st_229
DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP...
Open Whisper Signal (aka Signal-Desktop) through 1.10.1 allows XSS via a resource location specified in an attribute of a SCRIPT, IFRAME, or IMG element, leading to JavaScript execution after a reply, a different vulnerability...
The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted vcf file. Date published : 2018-05-17 http://seclists.org/fulldisclosure/2018/May/43 https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html
All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to buffer overflows when handling very large cookies (a different vulnerability than CVE-2018-10728). Date published :...
All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to OS command injection. Date published : 2018-05-17 http://www.securityfocus.com/bid/104231 https://cert.vde.com/de-de/advisories/vde-2018-004