This vulnerability allows local attackers to escalate privileges on affected installations of Electronic Arts Origin. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Daily Archives: March 24, 2022
ZDI-22-537: (0Day) Epic Games Launcher Link Following Denial-of-Service Vulnerability
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Epic Games Launcher. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
ZDI-22-538: (0Day) Epic Games Launcher Link Following Denial-of-Service Vulnerability
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Epic Games Launcher. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Smashing Security podcast #267: Virtual kidnapping, two helipads, and a naughty Apple employee
A Russian bank tells its customers to stop installing security updates, an Apple employee ends up in hot water, and learn our tips to avoid being virtually kidnapped.
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Anna Brading.
DSA-5108 tiff – security update
Multiple vulnerabilities have been discovered in the libtiff library
and the included tools, which may result in denial of service if
malformed image files are processed.
DSA-5107 php-twig – security update
Marlon Starkloff discovered that twig, a template engine for PHP, did
not correctly enforce sandboxing. This would allow a malicious user to
execute arbitrary code.