Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file.

CVE-2019-5795

Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

CVE-2019-5798

Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2019-5787

Data race in extensions guest view in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

About Monorail User Guide Release Notes Feedback on Monorail Terms Privacy

CVE-2019-5796: 918861 - chromium - An open-source project to help move the web forward.

Incorrect handling of cancelled requests in Navigation in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.

CVE-2019-5794: 935175 - chromium - An open-source project to help move the web forward.

Incorrect handling of download origins in Navigation in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.

CVE-2019-5802: 632514 - chromium - An open-source project to help move the web forward.

Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

Updates available for Adobe Flash Player | APSB19-19

Bulletin ID

Date Published

Priority

APSB19-19

April 09, 2019

 2

Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address a critical and an important vulnerability in Adobe Flash Player. Successful exploitation could lead to arbitrary code execution in the context of the current user. 

Product

Version

Platform

Adobe Flash Player Desktop Runtime

32.0.0.156 and earlier 

Windows, macOS and Linux

Adobe Flash Player for Google Chrome

32.0.0.156 and earlier

Windows, macOS, Linux and Chrome OS 

Adobe Flash Player for Microsoft Edge and Internet Explorer 11

32.0.0.156 and earlier

Windows 10 and 8.1

To verify the version of Adobe Flash Player installed on your system, access the About Flash Player page, or right- click on content running in Flash Player and select "About Adobe (or Macromedia) Flash Player" from the menu. If you use multiple browsers, perform the check for each browser you have installed on your system.

Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the latest version:

Note:

*   Adobe recommends users of the Adobe Flash Player Desktop Runtime for Windows, macOS and Linux update to Adobe Flash Player 32.0.0.171 via the update mechanism within the product \[1\] or by visiting the Adobe Flash Player Download Center.
*   Adobe Flash Player installed with Google Chrome will be automatically updated to the latest Google Chrome version, which will include Adobe Flash Player 32.0.0.171 for Windows, macOS, Linux and Chrome OS.
*   Adobe Flash Player installed with Microsoft Edge and Internet Explorer 11 for Windows 10 and 8.1 will be automatically updated to the latest version, which will include Adobe Flash Player 32.0.0.171.
*   Please visit the Flash Player Help page for assistance in installing Flash Player.

\[1\] Users who have selected the option to 'Allow Adobe to install updates' will receive the update automatically. Users who do not have the 'Allow Adobe to install updates' option enabled can install the update via the update mechanism within the product when prompted.

**Vulnerability Category**

**Vulnerability Impact**

**Severity**

**CVE Number**

Out-of-bounds read 

Information Disclosure 

Important   

CVE-2019-7108 

Use After Free

Arbitrary Code Execution

Critical

CVE-2019-7096

Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers:

*   Anonymously reported via Trend Micro’s Zero Day Initiative (CVE-2019-7108)
    
*   Haifei Li of McAfee (CVE-2019-7096)

CVE-2019-7096: Adobe Security Bulletin

The WP Booking System plugin 1.5.1 for WordPress has no CSRF protection, which allows attackers to reach certain SQL injection issues that require administrative access.

*   Details
*   Reviews
*   Installation
*   Development

The booking calendar plugin for WordPress. WP Booking System is used by more than 9,000 active users, with a satisfaction rate that borders on 5\*!

Is this booking calendar for you?

*   Do you rent something out, like a holiday home, a boat or something else?
*   Do you have a WordPress website and need a bit of help to keep track of your rentals through a booking calendar?

…then yes! The WP Booking System is perfect for your needs.

Get easy online booking with this lightweight and powerful booking system.

**A set-and-forget booking calendar for your rental business**

WP Booking System is a simple booking calendar for WordPress. You will be up and running in just a few minutes. You can create booking calendars and forms, and you can manage your bookings. You can easily customize the booking calendar to fit your needs.

Start receiving bookings from your visitors today!

**Display available dates in your booking calendar**

With just one click you can create the first booking calendar for your holiday home or rental business. Already have bookings made? You can manually manage the calendar’s availability in just a few seconds.

Now your booking calendar is up to date with the latest bookings and available dates!

**Create a form and enable clients to make bookings online**

The beauty of this WordPress booking calendar is that it allows your website visitors to book available calendar dates on the spot through a fully customizable booking calendar form.

Enable your clients to use the rental calendar fast and easy. In just three simple steps, clients will be able to reserve a slot on your booking calendar:

*   Hover over the booking calendar to pick a starting date. Click on it, then move the cursor to select the number of days to book. (clients can easily see booked days by using the booking system legend)
*   Next, fill in the booking system form (you can edit the form fields at any time to make sure clients submit the most relevant information you need; mark fields as compulsory or optional)
*   Finally, click the booking button to make a reservation.

With the premium version of the booking system, you can allow customers to make online bookings using the top payment platforms available at the moment!

> Click here to see a demo of the premium version

You can review and manage calendar bookings from the back-end, so you are always in control. You can even set up automatic calendar notifications so you will receive an email when a booking is made. Now you’re all set to receive online bookings through your booking calendar.

**Receive and manage bookings**

All your bookings are saved in your rental calendar and are beautifully displayed so you can easily access them and view the booking details.

**No time to read the description? Discover the top benefits of WP Booking System in just 40 seconds!**

**Features of the Free version:**

*   Create your own booking system: a booking calendar and a booking form!
*   Receive and manage bookings
*   Save extra booking information
*   Generate a shortcode to insert the booking calendar and booking form into a page or post
*   Use the Gutenberg block to embed the booking calendar
*   WP Booking System Widget
*   The booking calendar supports multiple languages

**EXTRA FEATURES OF THE PREMIUM BOOKING CALENDAR VERSION:**

*   The booking system can accept online and offline payments
*   iCalendar Sync, Import and Export
*   Create an unlimited number of booking calendars
*   Create an unlimited number of booking forms
*   Create your own rental calendar legend: apply your own colors and text
*   Split days selection
*   Display multiple months
*   Change the first day of the week
*   Change the start month / year
*   Display an overview reservation calendar
*   Edit multiple dates with just one click
*   Display tooltips with extra info
*   Hide calendar bookings from the past from your visitors
*   Set the minimum number of days that the visitor must book
*   Show the week’s number on the booking calendar
*   Automatically block booked days directly
*   Send booking notifications
*   User management within the booking system
*   Very easy to translate into any language
*   Professional support for any question related to the booking calendar
*   Download the Premium version at: www.wpbookingsystem.com

**This WP Booking Calendar Plugin is for…**

Any rental business should use the WP Booking Calendar plugin to keep track of their rental calendar throughout the year.

*   Property rentals: bed & breakfast, hotels, hotel rooms, cottages, apartments, houses, apartment rooms (use WP Booking System even when you are renting through AirBNB, Booking.com etc.)
*   Boat rentals
*   Car & motorcycle rentals
*   Sports equipment rentals (full day ski equipment rental, bike rentals, skates rentals etc)
*   Events rentals (full day trainings/courses, parties, weddings, baptisms, corporate events, business meetings, conferences etc)
*   Speakers, singers, photographers, videographers, inspectors can also benefit from using WP Booking system

The booking system will soon become an indispensable tool in your business, and you will find yourself using it daily to manage reservations in your calendar.

**How the booking calendar helps your clients**

*   Clients can make calendar bookings online, by accessing your website
*   No need to call to make a reservation
*   They can see the available calendar dates and manage their schedule to make a booking
*   They can make simple and fast bookings from the comfort of their own home, directly from their mobile phones

**Key booking system benefits for your business**

*   Collect relevant information about your clients through the booking system form (configure the rental calendar form to your needs). No need to call or collect this information at the desk.
*   Use the WP Booking System on the go, from your mobile phone. The WP Booking Calendar can be used from mobile devices with ease – simply log in to your website and make any necessary edits just like on a computer.
*   Manage bookings offline – when you meet with a client 1:1 and they want to make a future booking, simply log in to your website, access the booking calendar and make the reservation on the spot, for them.
*   Stay up to date with calendar bookings by receiving email confirmations and reminders

**WP Booking System in a nutshell…**

Get organised and start receiving bookings with WP booking system. With this WP plugin you can create booking calendars, booking forms and accept bookings via your website. Setting it up is really easy and you will be up and running in just a few minutes. Bookings will be clearly listed in your booking calendar and you can stay organised. The booking calendar plugin works simply and it can be translated into several languages.

This plugin provides 1 block.

*   WP Booking System - Booking Calendar

1.  Install the plugin by uploading the zip file (Plugins > Add New > Upload)
2.  Activate the plugin through the ‘Plugins’ menu in WordPress
3.  Click on the ‘WP Booking System’ menu entry
4.  Click on ‘Add New’ at the top of the page to create a calendar
5.  To embed a calendar on a page or post, use the ‘Add Calendar’ button at that page

**How can I embed the booking calendar on a page or post?**

By using the ‘Add Calendar’ button above the editor, the Gutenberg module, a widget, or directly by using the shortcode. An example of the shortcode is:

    [wpbs id="1" title="yes/no" legend="yes/no" language="auto" form_id="1"]
    

**Will this booking system work for me?**

We’re pretty sure about that! We made this plugin as ‘flexible’ as possible. The booking plugin works with bookings on a per day basis (no time slots). So if you rent something out on a daily basis, then the WP Booking System is a good choice.

**I have another question**

Please see www.wpbookingsystem.com for more information and ask your questions there!

Very good plugin, fits exactly to our needs. The most reactive an fastest support I have ever seen.

Great versatile plugin and the support is excellent.

When asking for an update to a Wordpress plugin you immediately think that you won't even get a reply but I was pleasantly surprised when Roland replied to my request saying that if they get time they will include my request.I thought that this would be the end of it but 2 weeks later when there was a plugin update, I noticed that my request had been considered and implemented.This makes my life so much easier when the people booking wish to change the boat they have booed and now that I can easily switch calendars without deleting and re entering all the details. Many thanks and special praise to the supporter named Roland!Lucien @ Ellerbeck Narrowboats

The support from Roland is fantastic, fast and in depth. I had a requirement for an additional function, Roland was back within an hour with it added to the Pro version. Can't recomment this plugi highly enough.

I installed this for our campsite bookings. I have tried a couple of other booking plugins but this is by far the best. Our requirement are straightforward: a single campsite that only takes one booking, but has variable nightly costs and optional additional campers. The plugin was perfect for this. Set up was a bit involved, but they all are like that. Configuration of things like notifications and payments was straightforward and clear. The Stripe integration is particularly good. I only have one criticism: when you configure manual acceptance of bookings, and then accept a booking, the relevant date statuses do not update automatically. This has to be done manually. However, I'm sure they will change that at some point. All in all a great plugin, well worth the fee and with really good support.

Plugin is working really well. Managing my bookings and syncing with bookin.com and AirBnB works like a charm. In the exceptional situation that I need some support, Roland is always available to help out. Perfect support.

Read all 248 reviews

“WP Booking System – Booking Calendar” is open source software. The following people have contributed to this plugin.

Contributors

*    Roland Murg

**2.0.18.1**

*   Improved: Security improvements

**2.0.18**

*   Fixed: Deprecated notice when activating the plugin

**2.0.17**

*   New: Added “Number” form field

**2.0.16**

*   Improved: Updated Elementor Widget

**2.0.15**

*   Improved: Security fix

**2.0.14**

*   New: Added Icelandinc Language
*   New: Added Chinese Language
*   New: Added Latvian Language
*   Improved: Compatibility with WP 5.6 and TwentyTwentyone theme

**2.0.13**

*   Fixed: Bug with reCAPTCHA key not being included.

**2.0.12**

*   New: Added Indonesian language
*   Fixed: An issue with calendar not being sized properly on page load.
*   Fixed: An issue that could cause reCAPTCHA not to validate on some server configurations.

**2.0.11**

*   Improved: Minified CSS and JS Files.
*   Improved: Removed Duplicate HTML IDs in form editor
*   Fixed: A jQuery error that appeared in some cases when editing the form

**2.0.10**

*   Fixed: Backend calendar is now displayed in the correct language set in WordPress.

**2.0.9**

*   Improved: Compatibility changes for the new WordPress 5.4
*   Improved: Calendar dynamic sizing when resizing the viewport

**2.0.8**

*   Fixed: Single date selection on mobile devices

**2.0.7**

*   New: Added Korean language
*   Improved: Changed translation file locations
*   Improved: Minified JS file
*   Fixed: CSS display issue for Email Tags
*   Fixed: Language codes for Slovenian and Swedish
*   Fixed: Changed Czech flag

**2.0.6**

*   Improved: Admin Layout changes to match WP 5.3

**2.0.5**

*   Fixed: Widget not allowing a calendar without a form
*   Fixed: Email not allowing HTML tags

**2.0.4**

*   Fixed: Translation of dates sent in emails
*   Fixed: iCalendar sync delay bug
*   Improved: Calendar date selection styling

**2.0.3**

*   Added: Chinese Language

**2.0.2**

*   Fixed: iPhone and iPad bug when selecting calendar dates

**2.0.1**

*   Fixed: Bug that caused some emails not to be sent.

**2.0.0**

*   Major Rebuild
*   New: Gutenberg Module
*   Improved: Calendar Editor
*   Improved: Form Builder
*   Improved: Booking Manager
*   Improved: Calendar front-end display

**1.5.2**

*   Fixed Deprecated widget constructor

**1.5.2**

*   Security Improvements

**1.5.1**

*   Fixed: Issue with hovering over calendar dates.

**1.5**

*   Added Bulgarian language
*   Fixed Mod\_Security new SQL Injection filter conflict

**1.4**

*   Added filters to sanitize user input to prevent cross-site scripting (XSS) and SQL injections. Thanks to JPCERT/CC for pointing us at this issue.

**1.3.3**

*   Fixed a small CSS issue regarding bulk edit

**1.3.2**

*   Fixed translation problem regarding form options (i.e. radio buttons)

**1.3.1**

*   The notification of unread bookings now disappears when you delete the related calendar

**1.3**

*   The admin panel is now fully responsive
*   Updated the Premium features list

**1.2.3**

*   Small tweak to support PHP 7

**1.2.2**

*   Hide notifications in the toolbar when the user does not have access to the corresponding page

**1.2.1**

*   Decode booking details before saving

**1.2**

*   Minor bug fixes

**1.1**

*   UTF-8 fix

**1.0**

*   Changed the version number to 1.0

**0.7**

*   Small CSS fixes and a language fix related to the widget

**0.6**

*   Second output buffer fix

**0.5**

*   Output buffer fix

**0.4**

*   Fix in booking details fields.
*   Update (elaboration): The booking notes (the content of the text fields near the editable dates in the admin panel) were shown in the source code of the page the calendar was displayed on (this content can also be indexed by Google). If you were vulnerable, your website and the booking notes may have been archived and exposed by https://archive.org, and possibly by other sites. Please ask them to delete your data if needed. Affected versions of the Free version: All versions lower than 0.4.

**0.3**

*   Minor fix

**0.2**

*   Small CSS fixes

**0.1**

*   First release

CVE-2019-12239: WP Booking System – Booking Calendar

vcodec2_hls_filter in libvoipCodec_v7a.so in the WeChat application through 7.0.3 for Android allows attackers to cause a denial of service (application crash) by replacing an emoji file (under the /sdcard/tencent/MicroMsg directory) with a crafted .wxgf file. The content of the replacement must be derived from the phone's IMEI. The crash occurs upon receiving a message that contains the replaced emoji.

1 minute read

This DoS bug was reported to Tencent, but they decided not to fix because it’s not critical. The Common Vulnerabilities and Exposures (CVE) Program has assigned the ID CVE-2019-11419 to this issue.

**Description:**

vcodec2\_hls\_filter in libvoipCodec\_v7a.so in WeChat application for Android results in a DoS by replacing an emoji file (under the /sdcard/tencent/MicroMsg directory) with a crafted .wxgf file. Crash-log is provided in poc.zip file at https://drive.google.com/open?id=1HFQtbD10awuUicdWoq3dKVKfv0wvxOKS

**Vulnerability Type:**

Denial of Service

**Vendor of Product:**

Tencent

**Affected Product Code Base:**

WeChat for Android - Up to latest version (7.0.3)

**Affected Component:**

Function vcodec2\_hls\_filter in libvoipCodec\_v7a.so

**Attack Type:**

Local

**Attack vector:**

An malware app can crafts a malicious emoji file and overwrites the emoji files under /sdcard/tencent/MicroMsg/[User_ID]/emoji/[WXGF_ID]. Once the user opens any chat messages that contain an emoji, WeChat will instantly crash.

**POC:**

Video at https://drive.google.com/open?id=1x1Z3hm4j8f4rhv\_WUp4gW-bhdtZMezdU

*   User must have sent or received a GIF file in WeChat
*   Malware app must retrieve the phone’s IMEI. For POC, we can use the below command
    
        adb shell service call iphonesubinfo 1 | awk -F "'" '{print $2}' | sed '1 d' | tr -d '.' | awk '{print}' ORS=- 
        
    
*   Produce the malicious emoji file with the retrieved IMEI (use encrypt\_wxgf.py in poc.zip):
    
        python encrypt.py crash4.wxgf [SIZE_OF_EMOJI_ON_SDCARD]
        
    
*   Replace /sdcard/tencent/MicroMsg/\[User\_ID\]/emoji/\[WXGF\_ID\] with the padded out.wxgf.encrypted
*   WeChat will crash now if a message that contains the overwritten emoji file

Crash log:

    Process:            com.tencent.mm
    Crash Thread:       27374(total:122)
    Date/Time:          2108-12-12 +8.00 13:34:50.135
    Live Time:          35s
    Device:             Pixel 2 XL android-27
    Exception info:    
    Siginfo:            errno:0, pid:0, uid:0, process:
    after unwind signal thread
    *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
    Build fingerprint: google/taimen/taimen:8.1.0/OPM4.171019.021.R1/4833808:user/release-keys
    pid: 27147, tid: 27374  >>> com.tencent.mm <<<
    signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 00000000
    after dump thread backtrace
      #00  pc 0x0  <unknown> (???)
      #01  pc 0x1f739b  /data/data/com.tencent.mm/app_lib/libvoipCodec_v7a.so (vcodec2_hls_filter+546)
      #02  pc 0x1f8efb  /data/data/com.tencent.mm/app_lib/libvoipCodec_v7a.so (vcodec2_hls_filters+134)
      #03  pc 0x1efa5d  /data/data/com.tencent.mm/app_lib/libvoipCodec_v7a.so (???)
      #04  pc 0x1ea94f  /data/data/com.tencent.mm/app_lib/libvoipCodec_v7a.so (v2codec_default_execute+30)
      #05  pc 0x1f1c59  /data/data/com.tencent.mm/app_lib/libvoipCodec_v7a.so (???)
      #06  pc 0x1eaa49  /data/data/com.tencent.mm/app_lib/libvoipCodec_v7a.so (v2codec_decode_video2+120)
      #07  pc 0x1e375d  /data/data/com.tencent.mm/app_lib/libvoipCodec_v7a.so (Vcodec2DecodeMultipleNals+176)
      #08  pc 0x1e510f  /data/data/com.tencent.mm/app_lib/libvoipCodec_v7a.so (CWxAMDecoder::decodeColorComponents(unsigned char*, int)+70)
      #09  pc 0x1e5791  /data/data/com.tencent.mm/app_lib/libvoipCodec_v7a.so (CWxAMDecoder::add_buffer(unsigned char*, int, int, StWxAMFrame**)+228)
      #10  pc 0x1e5995  /data/data/com.tencent.mm/app_lib/libvoipCodec_v7a.so (wxam_dec_decode_buffer_3+12)
      #11  pc 0x4c435  /data/app/com.tencent.mm-XUPZwNZyUC6RN4utDMIYMw==/lib/arm/libwechatcommon.so (Java_com_tencent_mm_plugin_gif_MMWXGFJNI_nativeDecodeBufferFrame+148)
      ...

CVE-2019-11419: DoS Wechat with an emoji

CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.793 (Free/Open Source Version), 0.9.8.753 (Pro) and 0.9.8.807 (Pro) is vulnerable to Reflected XSS for the "Domain" field on the "DNS Functions > "Add DNS Zone" screen.

    # Exploit Title: CentOS Web Panel - Domain Field (Add DNS Zone) Cross-Site Scripting Vulnerability
    # Google Dork: N/A
    # Date: 22 - April - 2019
    # Exploit Author: DKM
    # Vendor Homepage: http://centos-webpanel.com
    # Software Link: http://centos-webpanel.com
    # Version: v0.9.8.793 (Free), v0.9.8.753 (Pro) and 0.9.8.807 (Pro)
    # Tested on: CentOS 7
    # CVE : CVE-2019-11429
    
    # Description:
    CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.793 (Free/Open Source Version), 0.9.8.753 (Pro) and 0.9.8.807 (Pro) is vulnerable to Reflected XSS for the "Domain" field on the "DNS Functions > "Add DNS Zone" screen.
    
    # Steps to Reproduce:
    1. Login into the CentOS Web Panel using admin credential.
    2. From Navigation Click on "DNS Functions" > "Add DNS Zone"
    3. In "Domain" field give simple payload as: "<script>alert(1)</script>//" , fill other details like IP and Admin Email and Click "Add DNS zone"
    4. Now one can see that the XSS Payload executed.

Tag

#google