Ubuntu security

Ubuntu security notices

No Image

USN-6217-1: .NET vulnerability

2023-07-12 KENNETH 0

USN-6217-1: .NET vulnerability McKee-Harris, Matt Cotterell, and Jack Moran discovered that .NET did not properly update account lockout maximum failed attempts. An attacker could possibly use this issue to bypass the security feature and attempt to guess more passwords for an account. Source: USN-6217-1: .NET vulnerability

No Image

USN-6216-1: lib3mf vulnerability

2023-07-12 KENNETH 0

USN-6216-1: lib3mf vulnerability It was discovered that lib3mf did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted 3MF file, a local attacker could possibly use this issue to cause applications using lib3mf to crash, resulting in a denial of service, or possibly execute arbitrary code. Source: USN-6216-1: lib3mf vulnerability

No Image

USN-6215-1: dwarves vulnerabilities

2023-07-11 KENNETH 0

USN-6215-1: dwarves vulnerabilities It was discovered that dwarves incorrectly handled certain memory operations under certain circumstances. An attacker could possibly use this issue to cause dwarves to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-3534, CVE-2022-3606) Source: USN-6215-1: dwarves vulnerabilities

No Image

USN-6214-1: Thunderbird vulnerabilities

2023-07-11 KENNETH 0

USN-6214-1: Thunderbird vulnerabilities Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. (CVE-2023-34414, CVE-2023-34416, CVE-2023-37201, CVE-2023-37202, CVE-2023-37207, CVE-2023-37211) P Umar Farooq discovered that Thunderbird did not properly provide warning when opening Diagcab files. If a user were tricked into opening a malicicous Diagcab file, an attacker could execute arbitrary code. (CVE-2023-37208) Source: USN-6214-1: Thunderbird vulnerabilities

No Image

USN-6213-1: Ghostscript vulnerability

2023-07-10 KENNETH 0

USN-6213-1: Ghostscript vulnerability It was discovered that Ghostscript incorrectly handled pipe devices. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to execute arbitrary code. Source: USN-6213-1: Ghostscript vulnerability