SECURITY

No Image

USN-5151-1: Mailman vulnerabilities

2021-11-18 KENNETH 0

USN-5151-1: Mailman vulnerabilities It was discovered that Mailman incorrectly handled certain URL. An attacker could possibly use this issue to execute arbitrary code. (CVE-2021-43331) It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2021-43332) Source: USN-5151-1: Mailman vulnerabilities

No Image

USN-5150-1: OpenEXR vulnerability

2021-11-17 KENNETH 0

USN-5150-1: OpenEXR vulnerability It was discovered that OpenEXR incorrectly handled certain EXR image files. An attacker could possibly use this issue to cause a crash. Source: USN-5150-1: OpenEXR vulnerability

No Image

USN-5149-1: AccountsService vulnerability

2021-11-17 KENNETH 0

USN-5149-1: AccountsService vulnerability Kevin Backhouse discovered that AccountsService incorrectly handled memory when performing certain language setting operations. A local attacker could use this issue to escalate privileges. Source: USN-5149-1: AccountsService vulnerability

No Image

USN-5148-1: hivex vulnerability

2021-11-16 KENNETH 0

USN-5148-1: hivex vulnerability It was discovered that hivex incorrectly handled certain input. An attacker could use this vulnerability to cause a crash or obtain sensitive information. Source: USN-5148-1: hivex vulnerability

No Image

USN-5147-1: Vim vulnerabilities

2021-11-15 KENNETH 0

USN-5147-1: Vim vulnerabilities It was discovered that Vim incorrectly handled permissions on the .swp file. A local attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 14.04 ESM. (CVE-2017-17087) It was discovered that Vim incorrectly handled restricted mode. A local attacker could possibly use this issue to bypass restricted mode and execute arbitrary commands. Note: This update only makes executing shell commands more difficult. Restricted mode should not be considered a complete security measure. This issue only affected Ubuntu 14.04 ESM. (CVE-2019-20807) Brian Carpenter discovered that vim incorrectly handled memory when opening certain files. If a user was tricked into opening a specially crafted file, a remote attacker could crash the application, leading to a denial of service, or possible execute arbitrary code with user privileges. This issue only affected Ubuntu 20.04 LTS, Ubuntu [ more… ]