[도서] 고객 여정 지도 워크숍 가이드

2023-03-28 KENNETH 0

[도서] 고객 여정 지도 워크숍 가이드 분야별 신상품 – 국내도서 – 컴퓨터와 인터넷 [도서]고객 여정 지도 워크숍 가이드 가토 미코토 저/이정미 역 | 유엑스리뷰 | 2023년 04월 판매가 23,400원 (10%할인) | YES포인트 1,300원(5%지급) CX, CS, UX의 필수 전략을 제대로 배우고 활용할 기회! 효과적인 고객 여정 지도 제작을 위한 국내 최초의 가이드! CX(고객 경험), CS(고객 서비스), UX(사용자 경험) 분야에서 가장 유용한 고객 조사 방법이자 Source: [도서] 고객 여정 지도 워크숍 가이드

No Image

USN-5975-1: Linux kernel vulnerabilities

2023-03-28 KENNETH 0

USN-5975-1: Linux kernel vulnerabilities It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0461) It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 (V4L2) implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20369) Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani [ more… ]

No Image

USN-5974-1: GraphicsMagick vulnerabilities

2023-03-28 KENNETH 0

USN-5974-1: GraphicsMagick vulnerabilities It was discovered that GraphicsMagick was not properly performing bounds checks when processing TGA image files, which could lead to a heap buffer overflow. If a user or automated system were tricked into processing a specially crafted TGA image file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2018-20184) It was discovered that GraphicsMagick was not properly validating bits per pixel data when processing DIB image files. If a user or automated system were tricked into processing a specially crafted DIB image file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2018-20189) It was discovered that GraphicsMagick was not properly processing [ more… ]

No Image

USN-5973-1: url-parse vulnerabilities

2023-03-27 KENNETH 0

USN-5973-1: url-parse vulnerabilities It was discovered that url-parse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service, or to perform a server-side request forgery attack or open redirect attack. (CVE-2018-3774) It was discovered that url-parse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to bypass input validation. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-8124) Yaniv Nizry discovered that url-parse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to [ more… ]

No Image

USN-5964-2: curl vulnerabilities

2023-03-27 KENNETH 0

USN-5964-2: curl vulnerabilities USN-5964-1 fixed several vulnerabilities in curl. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Harry Sintonen discovered that curl incorrectly handled certain TELNET connection options. Due to lack of proper input scrubbing, curl could pass on user name and telnet options to the server as provided, contrary to expectations. (CVE-2023-27533) Harry Sintonen discovered that curl incorrectly reused certain FTP connections. This could lead to the wrong credentials being reused, contrary to expectations. (CVE-2023-27535) Harry Sintonen discovered that curl incorrectly reused connections when the GSS delegation option had been changed. This could lead to the option being reused, contrary to expectations. (CVE-2023-27536) Source: USN-5964-2: curl vulnerabilities