Category Archives: Advisories

mingw-python-OWSLib-0.28.1-1.fc37

FEDORA-2023-8312a80917

Packages in this update:

mingw-python-OWSLib-0.28.1-1.fc37

Update description:

Update to OWSLib-0.28.1, fixes CVE-2023-27476.

pack-0.29.0~rc1-1.el9

FEDORA-EPEL-2023-901871dabc

Packages in this update:

pack-0.29.0~rc1-1.el9

Update description:

Security fix for CVE-2022-41717, CVE-2022-24675, CVE-2022-28327

Resolves: #2161300 – set _fortify_level 3

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the internet. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Proof of Concept for Microsoft Word RTF Font Table Heap Corruption (CVE-2023-21716) Released

FortiGuard Labs is aware of a new proof of concept released over the weekend for CVE-2023-21716 (Microsoft Word Remote Code Execution Vulnerability).

Patched in the February Microsoft Monthly Security Release, CVE-2023-21716 is a vulnerability within Microsoft Office's wwlib which allows attackers to achieve remote code execution on a targeted machine via the use of a maliciously crafted RTF document. What makes this vulnerability dangerous is that it does not require any user interaction. As a proof of concept is now available, this makes exploitation even more likely as it does not require any legwork or additional development by an attacker.

What are the technical details of the CVE-2023-21716?

The RTF parser in Microsoft Word is susceptible to a heap corruption vulnerability when dealing with a font table containing an excessive number of fonts. The font ID value is corrupted because it loads upper bits from the EDX data register, which is used for arithmetic and logical operations and contains appended writes of ffff, which will then corrupt the heap via an out-of-bounds memory write.

What is the CVSS score for CVE-2023-21716?

The CVSS score is 9.8 (CRITICAL).

Are Patches Available?

Yes, Microsoft published patches in the February 14, 2023 Patch Tuesday update.

What Versions of Microsoft Office are Vulnerable?

Unpatched versions vulnerable are:

Microsoft Office 2019 for 32-bit editions
Microsoft Office 2019 for 64-bit editions
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft Word 2013 RT Service Pack 1
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Microsoft SharePoint Foundation 2013 Service Pack 1
Microsoft Office Web Apps Server 2013 Service Pack 1
Microsoft Word 2016 (32-bit edition)
Microsoft Word 2016 (64-bit edition)
Microsoft SharePoint Server 2019
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft SharePoint Enterprise Server 2016
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Office 2019 for Mac
Microsoft Office Online Server
SharePoint Server Subscription Edition Language Pack
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft SharePoint Server Subscription Edition
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office LTSC for Mac 2021

What are the Details of Coverage?

FortiGuard Labs is currently assessing IPS signature creation based on available proof of concept code. This Threat Signal will be updated once this information is available.

Any Suggested Mitigation?

FortiGuard Labs suggests that all users of affected versions of Microsoft Office patch immediately. If this is not an option, other mitigations suggested by Microsoft include reading emails in plain text only format and utilizing the Microsoft Office File Block policy, which prevents RTF documents from being previewed or opened without user interaction. Further mitigation guidance from Microsoft can be found under "Microsoft Word Remote Code Execution Vulnerability" in the APPENDIX.
