Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 27155 of 28220

CVE-2017-12654

Posted by Cyberthreat Blog | Aug 7, 2017 | CVE Notifications |

The ReadPICTImage function in coders/pict.c in ImageMagick 7.0.6-3 allows attackers to cause a denial of service (memory leak) via a crafted file.

CVE-2017-12653

Posted by Cyberthreat Blog | Aug 7, 2017 | CVE Notifications |

360 Total Security 9.0.0.1202 before 2017-07-07 allows Privilege Escalation via a Trojan horse Shcore.dll file in any directory in the PATH, as demonstrated by the C:Python27 directory.

CVE-2016-2126 (samba)

Posted by Cyberthreat Blog | Aug 7, 2017 | CVE Notifications |

Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to crash...

CVE-2016-10404

Posted by Cyberthreat Blog | Aug 7, 2017 | CVE Notifications |

XSS exists in Liferay Portal before 7.0 CE GA4 via a crafted redirect field to modules/apps/foundation/frontend-js/frontend-js-spa-web/src/main/resources/META-INF/resources/init.jsp.

CVE-2017-12649

Posted by Cyberthreat Blog | Aug 7, 2017 | CVE Notifications |

XSS exists in Liferay Portal before 7.0 CE GA4 via a crafted title or summary that is mishandled in the Web Content Display.

Author: Cyberthreat Blog

CVE-2017-12654

CVE-2017-12653

CVE-2016-2126 (samba)

CVE-2016-10404

CVE-2017-12649