It was discovered that unixODBC incorrectly handled certain bytes.
An attacker could use this issue to execute arbitrary code or cause
a crash.
Category Archives: Advisories
Application is Vulnerable to Session Fixation
Posted by YOGESH BHANDAGE on Mar 27
Vulnerability Name – Application is Vulnerable to Session Fixation
Vulnerable URL: www.fusionpbx.com
Overview of the Vulnerability
Session fixation is a security vulnerability that occurs when an attacker
sets or fixes a user’s session identifier, manipulating the authentication
process. Typically exploited in web applications, this vulnerability allows
the attacker to force a user’s session ID to a known value, granting…
APPLE-SA-03-25-2024-1 Safari 17.4.1
Posted by Apple Product Security via Fulldisclosure on Mar 27
APPLE-SA-03-25-2024-1 Safari 17.4.1
Safari 17.4.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214094.
Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
WebRTC
Available for: macOS Monterey and macOS Ventura
Impact: Processing an image may lead to arbitrary code execution…
APPLE-SA-03-25-2024-2 macOS Sonoma 14.4.1
Posted by Apple Product Security via Fulldisclosure on Mar 27
APPLE-SA-03-25-2024-2 macOS Sonoma 14.4.1
macOS Sonoma 14.4.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214096.
Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
CoreMedia
Available for: macOS Sonoma
Impact: Processing an image may lead to arbitrary code execution…
APPLE-SA-03-25-2024-3 macOS Ventura 13.6.6
Posted by Apple Product Security via Fulldisclosure on Mar 27
APPLE-SA-03-25-2024-3 macOS Ventura 13.6.6
macOS Ventura 13.6.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214095.
Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
CoreMedia
Available for: macOS Ventura
Impact: Processing an image may lead to arbitrary code execution…
APPLE-SA-03-25-2024-4 iOS 17.4.1 and iPadOS 17.4.1
Posted by Apple Product Security via Fulldisclosure on Mar 27
APPLE-SA-03-25-2024-4 iOS 17.4.1 and iPadOS 17.4.1
iOS 17.4.1 and iPadOS 17.4.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214097.
Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
CoreMedia
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation
and later, iPad…
APPLE-SA-03-25-2024-5 iOS 16.7.7 and iPadOS 16.7.7
Posted by Apple Product Security via Fulldisclosure on Mar 27
APPLE-SA-03-25-2024-5 iOS 16.7.7 and iPadOS 16.7.7
iOS 16.7.7 and iPadOS 16.7.7 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214098.
Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
CoreMedia
Available for: iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation,
iPad Pro…
APPLE-SA-03-25-2024-6 visionOS 1.1.1
Posted by Apple Product Security via Fulldisclosure on Mar 27
APPLE-SA-03-25-2024-6 visionOS 1.1.1
visionOS 1.1.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214093.
Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
CoreMedia
Available for: Apple Vision Pro
Impact: Processing an image may lead to arbitrary code execution
Description: An…
Escape sequence injection in util-linux wall (CVE-2024-28085)
Posted by Skyler Ferrante (RIT Student) via Fulldisclosure on Mar 27
Wall-Escape (CVE-2024-28085)
Skyler Ferrante: Escape sequence injection in util-linux wall
=================================================================
Summary
=================================================================
The util-linux wall command does not filter escape sequences from
command line arguments. The vulnerable code was introduced in
commit cdd3cc7fa4 (2013). Every version since has been
vulnerable.
This allows…
Win32.STOP.Ransomware (smokeloader) / Remote Code Execution (MITM)
Posted by malvuln on Mar 27
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/3b9e9e130d52fe95c8be82aa4b8feb74.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Win32.STOP.Ransomware (smokeloader)
Vulnerability: Remote Code Execution (MITM)
Family: Stop
Type: PE32
MD5: 3b9e9e130d52fe95c8be82aa4b8feb74
Vuln ID: MVID-2024-0676
Disclosure: 03/22/2024
Description:
There are two roads to…