TTCSIRT-129.061218: TT-CSIRT Advisory – Android Security Updates

  • Home
  • Archive for category "Security Advisories"
TTCSIRT-129.061218: TT-CSIRT Advisory – Android Security Updates
By

Google has released a security update stating that the following vulnerabilities have been discovered in the Android OS: a) Multiple information disclosure vulnerabilities in Framework – (CVE-2017-13227, CVE-2018-9340). b) Multiple elevation of privilege vulnerabilities in Framework – (CVE-2018-9338, CVE-2018-9339). c) Multiple elevation of privilege vulnerabilities in Kernel components – (CVE-2017-17558, CVE-2017-17806, CVE-2017-17807, CVE-2018-9363). d) An […]

Read More
TTCSIRT-128.060818: TT-CSIRT Advisory – Mozilla Security Updates
By

Mozilla has released a security update stating that a vulnerability in the Mozilla Firefox Browser exists where a heap buffer overflow can occur in the Skia library when rasterizing paths using a maliciously crafted SVG file. This results in a potentially exploitable crash and a remote attacker could exploit these vulnerabilities to take control of […]

Read More
TTCSIRT-127.060818: TT-CSIRT Advisory – Adobe Security Updates
By

Adobe has released a security update stating that Adobe Flash Player is prone to the following vulnerabilities: a) A stack-based buffer overflow that could allow for arbitrary code execution – (CVE-2018-5002). b) A type confusion that could allow for arbitrary code execution – (CVE-2018-4945). c) An integer overflow that could lead to information disclosure – […]

Read More
TTCSIRT-126.060418: TT-CSIRT Advisory – Chrome Security Updates
By

Google has released a security state stating that the following vulnerabilities have been discovered in Google Chrome: a) Heap buffer overflow in Skia – (CVE-2018-6141, CVE-2018-6126) b) Incorrect escaping of MathML in Blink – (CVE-2018-6145) c) Incorrect mutability protection in WebAssembly – (CVE-2018-6131) d) Leak of visited status of page in Blink – (CVE-2018-6137) e) […]

Read More
TTCSIRT-125.060418: TT-CSIRT Advisory – Apple Security Updates
By

Apple has released a security update stating that it has discovered the following vulnerabilities in the macOS High Sierra 10.13.5: a) Accessibility Framework – a malicious application may be able to execute arbitrary code with system privileges (CVE-2018-4196). b) AMD – a local user may be able to read kernel memory (CVE-2018-4253). c) Bluetooth – […]

Read More
TTCSIRT-124.052518: TT-CSIRT Advisory – Malware Security Updates
By

Talos has reported that a sophisticated modular malware system known as VPNFilter has a destructive capability that can make the affected device unusable. Devices known to be affected by VPNFilter include Linksys, MikroTik, NETGEAR, and TP-Link networking equipment as well as QNAP network-attached storage (NAS) devices. In addition, compromised devices may be vulnerable to the […]

Read More
TTCSIRT-123.052518: TT-CSIRT Advisory – Cisco Security Updates
By

Cisco has released a security update stating that a vulnerability in Cisco Digital Network Architecture (DNA) Center which could allow an unauthenticated, remote attacker to log in to an affected system by using an administrative account that has default, static user credentials.This is due to the presence of undocumented, static user credentials for the default […]

Read More
TTCSIRT-122.052118: TT-CSIRT Advisory – Thunderbird Security Updates
By

Mozilla has released a security update stating that multiple vulnerabilities have been identified in Mozilla Thunderbird: a) Multiple memory corruption vulnerabilities which could result in arbitrary code execution – (CVE-2018-5150). b) A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash – (CVE-2018-5154). c) […]

Read More
TTCSIRT-121.052118: TT-CSIRT Advisory – BIND Security Updates
By

The Internet Systems Consortium (ISC) has released a security update stating that A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c even when stale-answer-enable is off. Additionally, problematic interaction between the serve-stale feature and NSEC aggressive negative caching can in some cases cause […]

Read More
TTCSIRT-120.051718: TT-CSIRT Advisory – Microsoft Security Updates
By

Microsoft has released a security update stating that multiple vulnerabilities have been discovered in Microsoft Office PowerPoint and Excel for Mac where an attacker could entice a victim to open a specially crafted file using the affected application where Microsoft Office PowerPoint and Excel for Mac fails to properly handle objects in memory. Details of […]

Read More

Quick Navigation

Partner Agencies

Subscribe to Stay Updated!

Subscribe

Follow on social media:

Facebook-f X-twitter Linkedin-in Instagram