When attempting to upload a file via the API using the importFileByInternalUserId or importFile methods in the FileService, it is possible to read arbitrary files from the system. This is because Java's URL class is used without checking which protocol handler is specified in the API call. Apache OpenMeetings versions 1.9.x through 3.0.7 are affected.
c8dd487b97e1b03e9a3818c01b947705ae5bdeec150494b208e77bfa5c1dd41f
When creating an event, it is possible to create clickable URL links in the event description. These links will be present inside the event details once a participant enters the room via the event. It is possible to create a link like "javascript:alert('xss')", which will execute once the link is clicked. As the link is placed within an <a> tag, the actual link target is not visible to the end user, which makes it hard to tell whether the link is legitimate or not. Apache OpenMeetings versions 1.9.x through 3.0.7 are affected.
ae142c09b3506f6a2df2eff1b29727a0f7f4ac41ab39eacb5ce1d1505fe8e1a3
The hash generated by the external password reset function is generated by concatenating the user name and the current system time, and then hashing it using MD5. This is highly predictable and can be cracked in seconds by an attacker with knowledge of the user name of an OpenMeetings user. Apache OpenMeetings versions 1.9.x through 3.1.0 are affected.
e8013d35e67485ede2f2a96963a7acebaa5a2d152f1ac777a282f195dd67f09b
HP Security Bulletin HPSBGN03563 1 - Security vulnerabilities in the OpenSSL library could potentially impact HPE IceWall products resulting in local or remote Denial of Service (DoS) and local disclosure of sensitive information. Revision 1 of this advisory.
57d02e5956b8e30e3dcc52080b4967e3e1c4122e0888e933cc4d3579340a64cc
HP Security Bulletin HPSBMU03562 2 - A vulnerability in Apache Commons Collections for handling Java object deserialization was addressed by HPE Service Manager. The vulnerability could be exploited remotely to allow code execution. Revision 2 of this advisory.
582059f3157f5288f539b5a0198aa639f4e5be8cb75df46d07a3774d77273937
Ubuntu Security Notice 2942-1 - A vulnerability was discovered in the JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code.
03ba63fb82bc9f80a8737b4266fdcf5b1c758da341d6916e0066286df907ff6c
Red Hat Security Advisory 2016-0514-01 - The java-1.8.0-openjdk packages contain the latest version of the Open Java Development Kit, OpenJDK 8. These packages provide a fully compliant implementation of Java SE 8. Security Fix: An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions.
d2c7ba18b9ab841d36650848f97e0bcdc94f44f76bd5ae2a2eb845f825938652
The mip user is already quite privileged, capable of accessing sensitive network data. However, as the child process has supplementary gid contents, there is a very simple privilege escalation to root.
5b5d78147822a04ece55e3ad4dc78e4634f5ee4ab840d7ead31f0b0e6099d778
The wireless driver for the Android One (sprout) devices has a bad copy_from_user in the handling for the wireless driver socket private read ioctl IOCTL_GET_STRUCT with subcommand PRIV_CMD_SW_CTRL. This ioctl is permitted for access from the untrusted-app selinux domain, so this is an app-to-kernel privilege escalation from any app with android.permission.INTERNET.
f09afcb089991f9bdfe7878694f1b4aa53a78b0716b0db1d420fbf8364088819
Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues.
3f5f9bd87dcf5f48f2a28b9d1483b03c9c6ba6a16a660b4be8e0892fa953dbc9
Red Hat Security Advisory 2016-0515-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update provides Oracle Java 7 Update 99. Security Fix: This update fixes one vulnerability in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
8ac9769de79b1fb68d57e6e33f362f3fe6eb4617429467e0b04c83b33674fdc8
Red Hat Security Advisory 2016-0512-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit for compiling and executing Java programs. Security Fix: An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions.
482fbf87dc29f140a894ff589433aecefe45a4f8423e9a530ffcbb5c2eeb8e91
Red Hat Security Advisory 2016-0516-01 - The Java Runtime Environment contains the software and tools that users need to run applets and applications written using the Java programming language. Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update provides Oracle Java 8 Update 77. Security Fix: This update fixes one vulnerability in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
bc05b0bfdaa20ecc5141ea9df9eb9e268d4e1672946326b3976b8fdee70c1fe1
Red Hat Security Advisory 2016-0513-01 - The java-1.8.0-openjdk packages contain the latest version of the Open Java Development Kit, OpenJDK 8. These packages provide a fully compliant implementation of Java SE 8. Security Fix: An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions.
ef42d725d6c3979f8e8ba812004915f3a2c15422e59371dbfb0e3b2a98583a84
Red Hat Security Advisory 2016-0511-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit for compiling and executing Java programs. Security Fix: An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions.
5ad8f45a876939a92eae412eed9d2c5a00a149874ad1c5e459428f53c07f7b29