DESCRIPTION:Multiple vulnerabilities have been discovered in Adobe Products, themost severe of which could allow for arbitrary code execution. * Dimension is a 3D rendering and design software.* Illustrator is a vector graphics editor and design program.* Adobe Framemaker is a document processing software used to write andedit large or complex documents.* Acrobat and Reader is a family of application software and Webservices mainly used to...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Mozilla Firefox andFirefox Extended Support Release (ESR), the most severe of which couldallow for arbitrary code execution. Mozilla Firefox is a web browserused to access the Internet. Mozilla Firefox ESR is a version of the webbrowser intended to be deployed in large organizations. Successfulexploitation of these vulnerabilities could allow for arbitrary codeexecution. Depending on the privileges associated with the...
Read More
Description:A new NTLM relay attack called PetitPotam has been discovered that allows threat actors to take over a domain controller, and thus an entire Windows domain.Many organizations utilize Microsoft Active Directory Certificate Services, which is a public key infrastructure (PKI) server that can be used to authenticate users, services, and machines on a Windows domain.PetitPotam’ that performs an NTLM relay attack that does not rely...
Read More
Description:fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. Impact: Successful exploitation of this vulnerability allows any unprivileged user to gain root privileges on the vulnerable host. Mitigation: Updates are available. Please see the references or vendor advisory for...
Read More
An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database.An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker must have the ability to execute...
Read More
