Category Archives: Advisories

USN-6649-2: Firefox regressions

Read Time:1 Minute, 6 Second

USN-6649-1 fixed vulnerabilities in Firefox. The update introduced
several minor regressions. This update fixes the problem.

Original advisory details:

Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2024-1547,
CVE-2024-1548, CVE-2024-1549, CVE-2024-1550, CVE-2024-1553, CVE-2024-1554,
CVE-2024-1555, CVE-2024-1557)

Alfred Peters discovered that Firefox did not properly manage memory when
storing and re-accessing data on a networking channel. An attacker could
potentially exploit this issue to cause a denial of service.
(CVE-2024-1546)

Johan Carlsson discovered that Firefox incorrectly handled Set-Cookie
response headers in multipart HTTP responses. An attacker could
potentially exploit this issue to inject arbitrary cookie values.
(CVE-2024-1551)

Gary Kwong discovered that Firefox incorrectly generated codes on 32-bit
ARM devices, which could lead to unexpected numeric conversions or
undefined behaviour. An attacker could possibly use this issue to cause a
denial of service. (CVE-2024-1552)

Ronald Crane discovered that Firefox did not properly manage memory when
accessing the built-in profiler. An attacker could potentially exploit
this issue to cause a denial of service. (CVE-2024-1556)

Read More

Multiple Vulnerabilities in Apple Products Could Allow for Privilege Escalation.

Read Time:28 Second

Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for privilege escalation. Successful exploitation of the most severe of these vulnerabilities could allow for privilege escalation in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Read More

USN-6678-1: libgit2 vulnerabilities

Read Time:52 Second

It was discovered that libgit2 mishandled equivalent filenames on NTFS
partitions. If a user or automated system were tricked into cloning a
specially crafted repository, an attacker could possibly use this issue to
execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and
Ubuntu 18.04 LTS. (CVE-2020-12278, CVE-2020-12279)

It was discovered that libgit2 did not perform certificate checking by
default. An attacker could possibly use this issue to perform a
machine-in-the-middle attack. This issue only affected Ubuntu 16.04 LTS,
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2023-22742)

It was discovered that libgit2 could be made to run into an infinite loop.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 23.10. (CVE-2024-24575)

It was discovered that libgit2 did not properly manage memory. An attacker
could possibly use this issue to cause a denial of service or execute
arbitrary code. (CVE-2024-24577)

Read More

USN-6677-1: libde265 vulnerabilities

Read Time:55 Second

It was discovered that libde265 could be made to dereference invalid
memory. If a user or automated system were tricked into opening a specially
crafted file, an attacker could possibly use this issue to cause a denial
of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
(CVE-2023-27102)

It was discovered that libde265 could be made to write out of bounds. If a
user or automated system were tricked into opening a specially crafted
file, an attacker could possibly use this issue to cause a denial of
service or execute arbitrary code. This issue only affected Ubuntu 16.04
LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
(CVE-2023-27103)

It was discovered that libde265 could be made to write out of bounds. If a
user or automated system were tricked into opening a specially crafted
file, an attacker could possibly use this issue to cause a denial of
service or execute arbitrary code. (CVE-2023-43887, CVE-2023-47471,
CVE-2023-49465, CVE-2023-49467, CVE-2023-49468)

Read More

KL-001-2024-004: Artica Proxy Loopback Services Remotely Accessible Unauthenticated

Read Time:20 Second

Posted by KoreLogic Disclosures via Fulldisclosure on Mar 05

KL-001-2024-004: Artica Proxy Loopback Services Remotely Accessible Unauthenticated

Title: Artica Proxy Loopback Services Remotely Accessible Unauthenticated
Advisory ID: KL-001-2024-004
Publication Date: 2024.03.05
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-004.txt

1. Vulnerability Details

     Affected Vendor: Artica
     Affected Product: Artica Proxy
     Affected Version: 4.50
    …

Read More

KL-001-2024-003: Artica Proxy Unauthenticated File Manager Vulnerability

Read Time:21 Second

Posted by KoreLogic Disclosures via Fulldisclosure on Mar 05

KL-001-2024-003: Artica Proxy Unauthenticated File Manager Vulnerability

Title: Artica Proxy Unauthenticated File Manager Vulnerability
Advisory ID: KL-001-2024-003
Publication Date: 2024.03.05
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-003.txt

1. Vulnerability Details

     Affected Vendor: Artica
     Affected Product: Artica Proxy
     Affected Version: 4.40 and 4.50
     Platform: Debian 10…

Read More

KL-001-2024-002: Artica Proxy Unauthenticated PHP Deserialization Vulnerability

Read Time:20 Second

Posted by KoreLogic Disclosures via Fulldisclosure on Mar 05

KL-001-2024-002: Artica Proxy Unauthenticated PHP Deserialization Vulnerability

Title: Artica Proxy Unauthenticated PHP Deserialization Vulnerability
Advisory ID: KL-001-2024-002
Publication Date: 2024.03.05
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-002.txt

1. Vulnerability Details

     Affected Vendor: Artica
     Affected Product: Artica Proxy
     Affected Version: 4.50
     Platform: Debian…

Read More

KL-001-2024-001: Artica Proxy Unauthenticated LFI Protection Bypass Vulnerability

Read Time:21 Second

Posted by KoreLogic Disclosures via Fulldisclosure on Mar 05

KL-001-2024-001: Artica Proxy Unauthenticated LFI Protection Bypass Vulnerability

Title: Artica Proxy Unauthenticated LFI Protection Bypass Vulnerability
Advisory ID: KL-001-2024-001
Publication Date: 2024.03.05
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-001.txt

1. Vulnerability Details

     Affected Vendor: Artica
     Affected Product: Artica Proxy
     Affected Version: 4.40 and 4.50
    …

Read More