FEDORA-2022-d7f95e65dd
Packages in this update:
booth-1.0-251.3.bfb2f92.git.fc35
Update description:
Security fix for CVE-2022-2553
booth-1.0-251.3.bfb2f92.git.fc35
Security fix for CVE-2022-2553
Defense in depth is a security strategy in which multiple security tools, mechanisms, and policies are deployed in tandem on the assumption that if one fails, another will hold. Rather than, say, relying solely on a firewall to keep hackers out of a corporate network, an organization would also deploy endpoint security software and intrusion detection systems (IDS) to spot any attacker who manages to slip past that firewall. The intention isn’t to deploy different tools to face different specific threats: rather, a defense in depth strategy assumes that an attacker manages to defeat or bypass one tool, then other tools will pick up the slack and fight back in a different way.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of OPC Labs QuickOPC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
This vulnerability allows remote attackers to delete arbitrary files on affected installations of EnterpriseDT CompleteFTP Server. Authentication is not required to exploit this vulnerability.
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation OPC UA C++ Demo Server. Authentication is not required to exploit this vulnerability.
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation OPC UA C++ Demo Server. Authentication is not required to exploit this vulnerability.