This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-32639.
Category Archives: Advisories
libopenmpt-0.7.8-1.el8
FEDORA-EPEL-2024-9d9625a171
Packages in this update:
libopenmpt-0.7.8-1.el8
Update description:
libopenmpt 0.7.8 (2024-06-09)
[Sec] Potential heap out-of-bounds read with malformed Dynamic Studio DSm files (r20912).
MED: Additional command pages can now be read.
MED: Echo DSP is now emulated.
AMS: Default channel panning was broken, using all-center panning instead of MOD-style panning.
STP: Correctly import volume slides where both nibbles are set.
MDL: Pitch slide depth was wrong since libopenmpt 0.6.0.
DTM: Fix pitch slide depth for samples with finetune.
DSm: Don’t import as Amiga module (and thus allow Amiga resampler to be enabled), as this PC format can easily exceed the Amiga frequency range.
DSm: Only the first 48 samples were ever read.
STM / STX: Don’t set channel panning. ScreamTracker 2 only outputs mono sound.
PSM: File header probing was stricter than actual file loader, rejecting manipulated files that would otherwise load fine.
libopenmpt 0.7.7 (2024-05-12)
[Bug] examples/libopenmpt_example_c_pipe.c and libopenmpt/bindings/freebasic/libopenmpt_ext.bi were missing from the Autotools package.
[New] New Makefile CONFIG=mingw-w64 option WINDOWS_CRT=[crtdll,msvcrt,ucrt] to select the toolchain CRT library.
[Change] build/download_externals.sh now verifies the integrity of any downloaded files and uses curl instead of wget.
[Regression] Optimization level when compiling with GCC 14 has been forced down to -O1 due to the severe miscompilation GCC 14 has shown on MinGW-w64 amd64 (see https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115049).
IT: Disable a few more compatibility flags for older SchismTracker builds.
IT: Halve the output volume of files saved with ChibiTracker, as its mixer is about half as loud as ours.
S3M: In mono mode, the ratio between sample and OPL volume was incorrect.
S3M: Detect files saved with PlayerPRO.
XM: Detect files saved with PlayerPRO. Improved detection of files saved with ModPlug Tracker.
XM: Files with impossibly small pattern headers are now rejected, like FastTracker 2 does.
STK: Loosen SoundTracker file rejection heuristics a bit to allow loading of files with malformed song titles and overly long samples. Other heuristics has been tightened a bit.
MOD: Change VBlank timing heuristic to always assume CIA timing when long samples unsupported by original ProTracker) are found.
MOD: Disable NoiseTracker quirks if empty sample slots have a default volume other than 0.
MOD: 7-bit panning detection may have returned incorrect results for MODs with a channel count other than 4.
MED: Improve handling of default tempo, panning and channel volume in files containing more than one song.
MO3: Reduced maximum allowed music data (not samples) size from 2 GiB to 512 MiB.
XMF: Header validation is now stricter.
MDL: Slightly more accurate import of pattern command 9 (enabling envelopes instead of setting envelope position).
ULT: Support the highest three octaves.
OPL emulation could produce clicks when using a mix rate higher than 65536 Hz.
xmp-openmpt: Subsongs whose length could not be calculate no longer show a duration of -12:-55.
mpg123: Update to v1.32.6 (2024-04-04).
libopenmpt-0.7.8-1.el7
FEDORA-EPEL-2024-fa86f0e8f1
Packages in this update:
libopenmpt-0.7.8-1.el7
Update description:
libopenmpt 0.7.8 (2024-06-09)
[Sec] Potential heap out-of-bounds read with malformed Dynamic Studio DSm files (r20912).
MED: Additional command pages can now be read.
MED: Echo DSP is now emulated.
AMS: Default channel panning was broken, using all-center panning instead of MOD-style panning.
STP: Correctly import volume slides where both nibbles are set.
MDL: Pitch slide depth was wrong since libopenmpt 0.6.0.
DTM: Fix pitch slide depth for samples with finetune.
DSm: Don’t import as Amiga module (and thus allow Amiga resampler to be enabled), as this PC format can easily exceed the Amiga frequency range.
DSm: Only the first 48 samples were ever read.
STM / STX: Don’t set channel panning. ScreamTracker 2 only outputs mono sound.
PSM: File header probing was stricter than actual file loader, rejecting manipulated files that would otherwise load fine.
libopenmpt 0.7.7 (2024-05-12)
[Bug] examples/libopenmpt_example_c_pipe.c and libopenmpt/bindings/freebasic/libopenmpt_ext.bi were missing from the Autotools package.
[New] New Makefile CONFIG=mingw-w64 option WINDOWS_CRT=[crtdll,msvcrt,ucrt] to select the toolchain CRT library.
[Change] build/download_externals.sh now verifies the integrity of any downloaded files and uses curl instead of wget.
[Regression] Optimization level when compiling with GCC 14 has been forced down to -O1 due to the severe miscompilation GCC 14 has shown on MinGW-w64 amd64 (see https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115049).
IT: Disable a few more compatibility flags for older SchismTracker builds.
IT: Halve the output volume of files saved with ChibiTracker, as its mixer is about half as loud as ours.
S3M: In mono mode, the ratio between sample and OPL volume was incorrect.
S3M: Detect files saved with PlayerPRO.
XM: Detect files saved with PlayerPRO. Improved detection of files saved with ModPlug Tracker.
XM: Files with impossibly small pattern headers are now rejected, like FastTracker 2 does.
STK: Loosen SoundTracker file rejection heuristics a bit to allow loading of files with malformed song titles and overly long samples. Other heuristics has been tightened a bit.
MOD: Change VBlank timing heuristic to always assume CIA timing when long samples unsupported by original ProTracker) are found.
MOD: Disable NoiseTracker quirks if empty sample slots have a default volume other than 0.
MOD: 7-bit panning detection may have returned incorrect results for MODs with a channel count other than 4.
MED: Improve handling of default tempo, panning and channel volume in files containing more than one song.
MO3: Reduced maximum allowed music data (not samples) size from 2 GiB to 512 MiB.
XMF: Header validation is now stricter.
MDL: Slightly more accurate import of pattern command 9 (enabling envelopes instead of setting envelope position).
ULT: Support the highest three octaves.
OPL emulation could produce clicks when using a mix rate higher than 65536 Hz.
xmp-openmpt: Subsongs whose length could not be calculate no longer show a duration of -12:-55.
mpg123: Update to v1.32.6 (2024-04-04).
libopenmpt-0.7.8-1.el9
FEDORA-EPEL-2024-c862af93eb
Packages in this update:
libopenmpt-0.7.8-1.el9
Update description:
libopenmpt 0.7.8 (2024-06-09)
[Sec] Potential heap out-of-bounds read with malformed Dynamic Studio DSm files (r20912).
MED: Additional command pages can now be read.
MED: Echo DSP is now emulated.
AMS: Default channel panning was broken, using all-center panning instead of MOD-style panning.
STP: Correctly import volume slides where both nibbles are set.
MDL: Pitch slide depth was wrong since libopenmpt 0.6.0.
DTM: Fix pitch slide depth for samples with finetune.
DSm: Don’t import as Amiga module (and thus allow Amiga resampler to be enabled), as this PC format can easily exceed the Amiga frequency range.
DSm: Only the first 48 samples were ever read.
STM / STX: Don’t set channel panning. ScreamTracker 2 only outputs mono sound.
PSM: File header probing was stricter than actual file loader, rejecting manipulated files that would otherwise load fine.
libopenmpt 0.7.7 (2024-05-12)
[Bug] examples/libopenmpt_example_c_pipe.c and libopenmpt/bindings/freebasic/libopenmpt_ext.bi were missing from the Autotools package.
[New] New Makefile CONFIG=mingw-w64 option WINDOWS_CRT=[crtdll,msvcrt,ucrt] to select the toolchain CRT library.
[Change] build/download_externals.sh now verifies the integrity of any downloaded files and uses curl instead of wget.
[Regression] Optimization level when compiling with GCC 14 has been forced down to -O1 due to the severe miscompilation GCC 14 has shown on MinGW-w64 amd64 (see https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115049).
IT: Disable a few more compatibility flags for older SchismTracker builds.
IT: Halve the output volume of files saved with ChibiTracker, as its mixer is about half as loud as ours.
S3M: In mono mode, the ratio between sample and OPL volume was incorrect.
S3M: Detect files saved with PlayerPRO.
XM: Detect files saved with PlayerPRO. Improved detection of files saved with ModPlug Tracker.
XM: Files with impossibly small pattern headers are now rejected, like FastTracker 2 does.
STK: Loosen SoundTracker file rejection heuristics a bit to allow loading of files with malformed song titles and overly long samples. Other heuristics has been tightened a bit.
MOD: Change VBlank timing heuristic to always assume CIA timing when long samples unsupported by original ProTracker) are found.
MOD: Disable NoiseTracker quirks if empty sample slots have a default volume other than 0.
MOD: 7-bit panning detection may have returned incorrect results for MODs with a channel count other than 4.
MED: Improve handling of default tempo, panning and channel volume in files containing more than one song.
MO3: Reduced maximum allowed music data (not samples) size from 2 GiB to 512 MiB.
XMF: Header validation is now stricter.
MDL: Slightly more accurate import of pattern command 9 (enabling envelopes instead of setting envelope position).
ULT: Support the highest three octaves.
OPL emulation could produce clicks when using a mix rate higher than 65536 Hz.
xmp-openmpt: Subsongs whose length could not be calculate no longer show a duration of -12:-55.
mpg123: Update to v1.32.6 (2024-04-04).
webkitgtk-2.44.2-2.fc40
FEDORA-2024-4d71f28349
Packages in this update:
webkitgtk-2.44.2-2.fc40
Update description:
Update to 2.44.2:
Make gamepads visible on axis movements, and not only on button presses.
Disable the gst-libav AAC decoder.
Make user scripts and style sheets visible in the Web Inspector.
Use the geolocation portal where available, with the existing geoclue as fallback if the portal is not usable.
Use the printing portal when running sandboxed.
Use the file transfer portal for drag and drop when running sandboxed.
Avoid notifying an empty cursor rectangle to input methods.
Remove empty bar shown in detached inspector windows.
Consider keycode when activating application accelerators.
Fix several crashes and rendering issues.
Fix CVE-2024-27834
webkitgtk-2.44.2-2.fc39
FEDORA-2024-826bf5a09a
Packages in this update:
webkitgtk-2.44.2-2.fc39
Update description:
Update to 2.44.2:
Make gamepads visible on axis movements, and not only on button presses.
Disable the gst-libav AAC decoder.
Make user scripts and style sheets visible in the Web Inspector.
Use the geolocation portal where available, with the existing geoclue as fallback if the portal is not usable.
Use the printing portal when running sandboxed.
Use the file transfer portal for drag and drop when running sandboxed.
Avoid notifying an empty cursor rectangle to input methods.
Remove empty bar shown in detached inspector windows.
Consider keycode when activating application accelerators.
Fix several crashes and rendering issues.
Fix CVE-2024-27834
CyberDanube Security Research 20240604-0 | Multiple Vulnerabilities in utnserver Pro/ProMAX/INU-100
Posted by Thomas Weber via Fulldisclosure on Jun 09
CyberDanube Security Research 20240604-0
——————————————————————————-
title| Multiple Vulnerabilities
product| SEH utnserver Pro/ProMAX / INU-100
vulnerable version| 20.1.22
fixed version| 20.1.28
CVE number| CVE-2024-5420, CVE-2024-5421, CVE-2024-5422
impact| High
homepage| https://www.seh-technology.com/…
SEC Consult SA-20240606-0 :: Multiple critical vulnerabilities in Kiuwan SAST on-premise (KOP) & cloud/SaaS & Kiuwan Local Analyzer (KLA)
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 09
SEC Consult Vulnerability Lab Security Advisory < 20240606-0 >
=======================================================================
title: Multiple critical vulnerabilities
product: Kiuwan SAST on-premise (KOP) & cloud/SaaS
Kiuwan Local Analyzer (KLA)
vulnerable version: Kiuwan SAST <2.8.2402.3
Kiuwan Local Analyzer <master.1808.p685.q13371…
Blind SQL Injection – fengofficev3.11.1.2
Posted by Andrey Stoykov on Jun 09
# Exploit Title: FengOffice – Blind SQL Injection
# Date: 06/2024
# Exploit Author: Andrey Stoykov
# Version: 3.11.1.2
# Tested on: Ubuntu 22.04
# Blog:
https://msecureltd.blogspot.com/2024/05/friday-fun-pentest-series-6.html
Steps to Reproduce:
1. Login to application
2. Click on “Workspaces”
3. Copy full URL
4. Paste the HTTP GET request into text file
5. Set the injection point to be in the “dim” parameter…
Trojan.Win32.DarkGateLoader (multi variants) / Arbitrary Code Execution
Posted by malvuln on Jun 09
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/afe012ed0d96abfe869b9e26ea375824.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln
Threat: Trojan.Win32.DarkGateLoader (multi variants)
Vulnerability: Arbitrary Code Execution
Description: Multiple variants of this malware look for and execute
x32-bit “urlmon.dll” PE file in its current directory. Therefore, we
can…