Deprecated: Hook wp_smush_should_skip_parse is deprecated since version 3.16.1! Use wp_smush_should_skip_lazy_load instead. in /srv/www/cyberthreat.blog/wordpress/wp-includes/functions.php on line 6114

Deprecated: Hook wp_smush_should_skip_parse is deprecated since version 3.16.1! Use wp_smush_should_skip_lazy_load instead. in /srv/www/cyberthreat.blog/wordpress/wp-includes/functions.php on line 6114

Author: Cyberthreat Blog

CVE-2017-9418

Posted by | Jun 12, 2017 | |

SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 for WordPress allows an authenticated user to execute arbitrary SQL commands via the testid parameter to wp-admin/admin.php.

Read More

CVE-2017-9123

Posted by | Jun 12, 2017 | |

The lqt_frame_duration function in lqt_quicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.

Read More

CVE-2017-9126

Posted by | Jun 12, 2017 | |

The quicktime_read_dref_table function in dref.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted mp4 file.

Read More

CVE-2017-9127

Posted by | Jun 12, 2017 | |

The quicktime_user_atoms_read_atom function in useratoms.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted mp4 file.

Read More

CVE-2017-9128

Posted by | Jun 12, 2017 | |

The quicktime_video_width function in lqt_quicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted mp4 file.

Read More