DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this...
Read More
IMPACT:Multiple vulnerabilities have been discovered in Oracle products, whichcould allow for remote code execution. SYSTEM AFFECTED:* Business Intelligence Enterprise Edition, versions 5.5.0.0.0,11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0* Enterprise Manager Base Platform, versions 13.2.1.0, 13.3.0.0, 13.4.0.0* Enterprise Manager for Fusion Applications, version 13.3.0.0* Enterprise Manager Ops Center, version 12.4.0.0* Hyperion Financial Reporting, version 11.1.2.4* Hyperion Infrastructure Technology, version 11.1.2.4* Instantis EnterpriseTrack, versions 17.1-17.3* JD Edwards EnterpriseOne Orchestrator, versions prior to...
Read More
DESCRIPTIONSudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via “sudoedit -s” and a command-line argument that ends with a single backslash character: IMPACTA heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is exploitable by any local user (users and system users, sudoers and non-sudoers), without authentication (i.e., the attacker does not need to...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Siemens’ Solid Edge,the most severe of which could allow for arbitrary code execution in thecontext of the system process. Solid Edge is used for designing andviewing 2D and 3D models. Depending on the privileges associated withthe application, an attacker could view, change, or delete data. If thisapplication has been configured to have fewer user rights on the system,exploitation of...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Siemens’ JT2Go andTeamcenter Visualization products, the most severe of which could allowfor arbitrary code execution in the context of the system process. JT2Goand Teamcenter Visualization are used for viewing 3D models. Dependingon the privileges associated with the application, an attacker couldview, change, or delete data. If this application has been configured tohave fewer user rights on the system, exploitation...
Read More
