CVE-2018-11701
FastStone Image Viewer 6.2 has a User Mode Write AV at 0x005cb509, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access...
Auth0 angular-jwt before 0.1.10 treats whiteListedDomains entries as regular expressions, which allows remote attackers with knowledge of the jwtInterceptorProvider.whiteListedDomains setting to bypass the domain whitelist filter via a crafted domain. Date published : 2018-06-19...
The plugin "WordPress Comments Import & Export" for WordPress (v2.0.4 and before) is vulnerable to CSV Injection. Date published : 2018-06-19 WordPress Comments Import & Export https://www.exploit-db.com/exploits/44940/
The plugin "Advanced Order Export For WooCommerce" for WordPress (v1.5.4 and before) is vulnerable to CSV Injection. Date published : 2018-06-19 Advanced Order Export For WooCommerce https://www.exploit-db.com/exploits/44931/
ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a missing no_log directive, resulting in the ‘Add oVirt Provider to ManageIQ/CloudForms’ playbook inadvertently disclosing admin passwords in the provisioning log. In an environment where...
** DISPUTED ** OpenWrt mishandles access control in /etc/config/rpcd and the /usr/share/rpcd/acl.d files, which allows remote authenticated users to call arbitrary methods (i.e., achieve ubus access over HTTP) that were only supposed to be...
The mg_handle_cgi function in mongoose.c in Mongoose 6.11 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash, or NULL pointer dereference) via an HTTP request, related to the...
strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable. Date published : 2018-06-19 https://download.strongswan.org/security/CVE-2018-10811/ https://www.strongswan.org/blog/2018/05/28/strongswan-vulnerability-%28cve-2018-10811%29.html
The web console login form in ovirt-engine before version 4.2.3 returned different errors for non-existent users and invalid passwords, allowing an attacker to discover the names of valid user accounts. Date published : 2018-06-19...
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service. Date published : 2018-06-19 https://bugs.python.org/issue32981...
An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands. Date published : 2018-06-18 https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01–security-notice-for-ca-privileged-access-manager.html https://www.exploit-db.com/exploits/37708/
An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to conduct SQL injection attacks. Date published : 2018-06-18 http://www.securityfocus.com/bid/104496 https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01–security-notice-for-ca-privileged-access-manager.html
Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking. Date published : 2018-06-18 http://www.securityfocus.com/bid/104496 https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01–security-notice-for-ca-privileged-access-manager.html
A reflected cross-site scripting vulnerability in CA Privileged Access Manager 2.x allows remote attackers to execute malicious script with a specially crafted link. Date published : 2018-06-18 http://www.securityfocus.com/bid/104496 https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01–security-notice-for-ca-privileged-access-manager.html