Security News

[CVE-2019-20358] CVE-2019-9491 in Trend Micro Anti-Threat Toolkit (ATTK) was NOT properly FIXED

Bug Traq - 30 January, 2020 - 08:14

Posted by Stefan Kanthak on Jan 30

Hi @ll,

on September 29, 2019, John Page reported a remote code execution
with escalation of privilege in TrendMicro's Anti-Threat Toolkit
to its vendor.
TrendMicro assigned CVE-2019-9491 to this vulnerability and told
the reporter, his dog and the world on October 18, 2019, that they
had fixed the vulnerable product.

See <https://success.trendmicro.com/solution/000149878>,
<https://seclists.org/fulldisclosure/2019/Oct/42> and...

[SECURITY] [DSA 4610-1] webkit2gtk security update

Bug Traq - 30 January, 2020 - 02:20

Posted by Moritz Muehlenhoff on Jan 29

-------------------------------------------------------------------------
Debian Security Advisory DSA-4610-1 security () debian org
https://www.debian.org/security/ Alberto Garcia
January 29, 2020 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : webkit2gtk
CVE ID : CVE-2019-8835 CVE-2019-8844...

APPLE-SA-2020-1-29-1 iCloud for Windows 7.17

Bug Traq - 30 January, 2020 - 02:17

Posted by Apple Product Security on Jan 29

APPLE-SA-2020-1-29-1 iCloud for Windows 7.17

iCloud for Windows 7.17 addresses the following:

ImageIO
Available for: Windows 7 and later
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-3826: Samuel Groß of Google Project Zero

libxml2
Available for: Windows 7 and later
Impact: Processing maliciously crafted XML may lead...

APPLE-SA-2020-1-29-2 iCloud for Windows 10.9.2

Bug Traq - 30 January, 2020 - 02:12

Posted by Apple Product Security on Jan 29

APPLE-SA-2020-1-29-2 iCloud for Windows 10.9.2

iCloud for Windows 10.9.2 is now available and addresses the
following:

ImageIO
Available for: Windows 10 and later via the Microsoft Store
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-3826: Samuel Groß of Google Project Zero

libxml2
Available for: Windows 10 and later...

[SECURITY] [DSA 4611-1] opensmtpd security update

Bug Traq - 30 January, 2020 - 02:08

Posted by Moritz Muehlenhoff on Jan 29

-------------------------------------------------------------------------
Debian Security Advisory DSA-4611-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
January 29, 2020 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : opensmtpd
CVE ID : CVE-2020-7247
Debian Bug :...

FreeBSD Security Advisory FreeBSD-SA-20:02.ipsec

Bug Traq - 29 January, 2020 - 05:00

Posted by FreeBSD Security Advisories on Jan 29

=============================================================================
FreeBSD-SA-20:02.ipsec Security Advisory
The FreeBSD Project

Topic: Missing IPsec anti-replay window check

Category: core
Module: kernel
Announced: 2020-01-28
Credits: Jean-Francois HREN
Affects: FreeBSD 12.0 only
Corrected:...

APPLE-SA-2020-1-28-1 iOS 13.3.1 and iPadOS 13.3.1

Bug Traq - 29 January, 2020 - 05:00

Posted by Apple Product Security on Jan 29

APPLE-SA-2020-1-28-1 iOS 13.3.1 and iPadOS 13.3.1

iOS 13.3.1 and iPadOS 13.3.1 are now available and address the
following:

Audio
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2020-3857: Zhuo Liang of Qihoo 360...

FreeBSD Security Advisory FreeBSD-SA-20:01.libfetch

Bug Traq - 29 January, 2020 - 04:48

Posted by FreeBSD Security Advisories on Jan 29

=============================================================================
FreeBSD-SA-20:01.libfetch Security Advisory
The FreeBSD Project

Topic: libfetch buffer overflow

Category: core
Module: libfetch
Announced: 2020-01-28
Credits: Duncan Overbruck
Affects: All supported versions of FreeBSD.
Corrected:...

FreeBSD Security Advisory FreeBSD-SA-20:03.thrmisc

Bug Traq - 29 January, 2020 - 04:44

Posted by FreeBSD Security Advisories on Jan 29

=============================================================================
FreeBSD-SA-20:03.thrmisc Security Advisory
The FreeBSD Project

Topic: kernel stack data disclosure

Category: core
Module: kernel
Announced: 2020-01-28
Credits: Ilja Van Sprundel
Affects: All supported versions of FreeBSD.
Corrected:...

APPLE-SA-2020-1-28-4 tvOS 13.3.1

Bug Traq - 29 January, 2020 - 04:38

Posted by Apple Product Security on Jan 29

APPLE-SA-2020-1-28-4 tvOS 13.3.1

tvOS 13.3.1 is now available and addresses the following:

Audio
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2020-3857: Zhuo Liang of Qihoo 360 Vulcan Team

ImageIO
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously...

APPLE-SA-2020-1-28-3 watchOS 6.1.2

Bug Traq - 29 January, 2020 - 04:38

Posted by Apple Product Security on Jan 29

APPLE-SA-2020-1-28-3 watchOS 6.1.2

watchOS 6.1.2 is now available and addresses the following:

AnnotationKit
Available for: Apple Watch Series 1 and later
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-3877: an anonymous researcher working with Trend Micro's
Zero Day Initiative

Audio...

APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra

Bug Traq - 29 January, 2020 - 04:38

Posted by Apple Product Security on Jan 29

APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update
2020-001 Mojave, Security Update 2020-001 High Sierra

macOS Catalina 10.15.3, Security Update 2020-001 Mojave, and
Security Update 2020-001 High Sierra are now available and
address the following:

AnnotationKit
Available for: macOS Catalina 10.15.2
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An...

APPLE-SA-2020-1-28-5 Safari 13.0.5

Bug Traq - 29 January, 2020 - 04:36

Posted by Apple Product Security on Jan 29

APPLE-SA-2020-1-28-5 Safari 13.0.5

Safari 13.0.5 is now available and addresses the following:

Safari
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: Visiting a malicious website may lead to address bar spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2020-3833: Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com)

Safari Login AutoFill...

APPLE-SA-2020-1-28-6 iTunes for Windows 12.10.4

Bug Traq - 29 January, 2020 - 04:33

Posted by Apple Product Security on Jan 29

APPLE-SA-2020-1-28-6 iTunes for Windows 12.10.4

iTunes for Windows 12.10.4 is now available and addresses the
following:

Mobile Device Service
Available for: Windows 7 and later
Impact: A user may gain access to protected parts of the file system
Description: The issue was addressed with improved permissions logic.
CVE-2020-3861: Andrea Pierini (@decoder_it), Christian Danieli
(@padovah4ck)

Installation note:

iTunes for Windows 12.10.4 may be...

Defense in depth -- the Microsoft way (part 61): security features are built to fail (or documented wrong)

Bug Traq - 29 January, 2020 - 04:28

Posted by Stefan Kanthak on Jan 29

Hi @ll,

(a long[er] form of the following advisory is available at
<https://skanthak.homepage.t-online.de/snafu.html>)

With Windows 10 1607, Microsoft introduced the /DEPENDENTLOADFLAG
linker option, a security feature to restrict or limit the search
path for DLLs:

| On supported operating systems, this option has the effect of
| changing calls to LoadLibrary("dependent.dll") to the equivalent
| of...

LPE and RCE in OpenSMTPD (CVE-2020-7247)

Bug Traq - 29 January, 2020 - 04:24

Posted by Qualys Security Advisory on Jan 29

Qualys Security Advisory

LPE and RCE in OpenSMTPD (CVE-2020-7247)

==============================================================================
Contents
==============================================================================

Summary
Analysis
Exploitation
Acknowledgments

==============================================================================
Summary
==============================================================================...

CVE - CVE-2020-7799 - FusionAuth command execution via Apache Freemarker Template

Bug Traq - 27 January, 2020 - 14:00

Posted by Gianluca Baldi on Jan 27

Dear bugtraq,

Please find attached an advisory for the following vulnerability, " FusionAuth command execution via Apache Freemarker
Template".
Description: An authenticated attacker with enough privileges to access the template editing functions (either site
templates or e-mail templates) in the FusionAuth dashboard can execute commands on the underlying operating system
using the Apache FreeMarker Expression language.

For...

[slackware-security] mozilla-thunderbird (SSA:2020-024-01)

Bug Traq - 27 January, 2020 - 04:03

Posted by Slackware Security Team on Jan 27

[slackware-security] mozilla-thunderbird (SSA:2020-024-01)

New mozilla-thunderbird packages are available for Slackware 14.2 and -current
to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/mozilla-thunderbird-68.4.2-i686-1_slack14.2.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...

WebKitGTK and WPE WebKit Security Advisory WSA-2020-0001

Bug Traq - 23 January, 2020 - 23:02

Posted by Carlos Alberto Lopez Perez on Jan 23

------------------------------------------------------------------------
WebKitGTK and WPE WebKit Security Advisory WSA-2020-0001
------------------------------------------------------------------------

Date reported : January 23, 2020
Advisory ID : WSA-2020-0001
WebKitGTK Advisory URL : https://webkitgtk.org/security/WSA-2020-0001.html
WPE WebKit Advisory URL :...

[SECURITY] [DSA 4609-1] python-apt security update

Bug Traq - 23 January, 2020 - 22:58

Posted by Moritz Muehlenhoff on Jan 23

-------------------------------------------------------------------------
Debian Security Advisory DSA-4609-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
January 23, 2020 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : python-apt
CVE ID : CVE-2019-15795 CVE-2019-15796...
Syndicate content