Security
Headlines
HeadlinesLatestCVEs

Tag

#ubuntu

CVE-2018-3930: TALOS-2018-0597 || Cisco Talos Intelligence Group

In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution. This vulnerability occurs in the `vbgetfp` method.

CVE
#vulnerability#microsoft#ubuntu#linux#cisco#intel#rce#pdf
CVE-2018-3929: TALOS-2018-0596 || Cisco Talos Intelligence Group

An exploitable heap corruption exists in the PowerPoint document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312). A crafted PowerPoint (PPT) document can lead to heap corruption, resulting in remote code execution.

CVE-2018-13112: heap-buffer-overflow in /src/common/get.c:174 function get_l2len · Issue #477 · appneta/tcpreplay

get_l2len in common/get.c in Tcpreplay 4.3.0 beta1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packets, as demonstrated by tcpprep.

CVE-2018-13099: [f2fs-dev] [PATCH] f2fs: fix to do sanity check with reserved blkaddr of inline inode

An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. A denial of service (out-of-bounds memory access and BUG) can occur for a modified f2fs filesystem image in which an inline inode contains an invalid reserved blkaddr.

CVE-2018-12700: 23057 – Multiple memory corruptions in objdump (binuitils-2.30-15ubuntu1)

A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.

CVE-2018-11574: security - Buffer Overflow in pppd EAP-TLS implementation

Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. This implementation is distributed as a patch for PPPD 0.91, and includes the affected eap.c and eap-tls.c files. Configurations that use the `refuse-app` option are unaffected.

CVE-2016-8384: TALOS-2016-0209 || Cisco Talos Intelligence Group

An exploitable heap corruption vulnerability exists in the DHFSummary functionality of AntennaHouse DMC HTMLFilter.

CVE-2016-8383: TALOS-2016-0208 || Cisco Talos Intelligence Group

An exploitable heap corruption vulnerability exists in the Doc_GetFontTable functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious doc file to trigger this vulnerability.

CVE-2017-2923: TALOS-2017-0430 || Cisco Talos Intelligence Group

An exploitable heap based buffer overflow vulnerability exists in the 'read_biff_next_record function' of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.

CVE-2018-1049: access to automounted volumes can lock up

In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. A race condition like this may lead to denial of service, until mount points are unmounted.