ubuntu-usn

USN-4588-1: FlightGear vulnerability It was discovered that FlightGear could write arbitrary files if received a special nasal script. A remote attacker could exploit this with a crafted file to execute arbitrary code. Source: USN-4588-1: FlightGear vulnerability

USN-4590-1: Collabtive vulnerability It was discovered that Collabtive did not properly validate avatar image file uploads. An authenticated user could exploit this with a crafted file to cause Collabtive to execute arbitrary code. (CVE-2015-0258) Source: USN-4590-1: Collabtive vulnerability

USN-4585-1: Newsbeuter vulnerabilities It was discovered that Newsbeuter didn’t handle the command line input properly. An remote attacker could use it to ran remote code by crafting a special input file. (CVE-2017-12904) It was discovered that Newsbeuter didn’t handle metacharacters in its filename properly. An remote attacker could use it to ran remote code by crafting a special filename. (CVE-2017-14500) Source: USN-4585-1: Newsbeuter vulnerabilities

USN-4546-2: Firefox regressions USN-4546-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting (XSS) attacks, spoof the site displayed in the download dialog, or execute arbitrary code. Source: USN-4546-2: Firefox regressions

USN-4584-1: HtmlUnit vulnerability It was discovered that HtmlUnit incorrectly initialized Rhino engine. An Attacker could possibly use this issue to execute arbitrary Java code. Source: USN-4584-1: HtmlUnit vulnerability