Nov. 7th, 2016 – Weekly Vulnerabilities Report – 18 Bugs

3
0



———► SUBSCRIBE:

1. Citrix Receiver

Vendor: Citrix

A vulnerability was reported in Citrix Receiver Desktop Lock. A
physically local user can bypass security restrictions.

Impact: User access via local system

Alert:

2. cURL

Vendor: curl.haxx.se

Multiple vulnerabilities were reported in cURL/libcurl. A
remote or local user can execute arbitrary code on the target
system. A remote user can modify cookies on the target system. A
remote user can reuse sessions. A local user can obtain potentially
sensitive information from system memory.

Impact: Disclosure of system information

Alert:

3. Norton Mobile Security

Vendor: Symantec

Several vulnerabilities were reported in Norton Mobile Security
for Android. A remote user can cause the target application to
crash. A remote user can bypass whitelist security controls on the
target system. A physically local user can obtain potentially
sensitive information.

Impact: Denial of service via network

Alert:

4. Cisco Meeting Server

Vendor: Cisco

A vulnerability was reported in Cisco Meeting Server. A remote
user can execute arbitrary code on the target system.

Impact: Denial of service via network

Alert:

5. Citrix NetScaler

Vendor: Citrix

A vulnerability was reported in Citrix NetScaler ADC. A remote
user can hijack the target user’s session.

Impact: Modification of authentication information

Alert:

6. Django

Vendor: djangoproject.com

Several vulnerabilities were reported in Django. A remote user
can obtain potentially sensitive information on the target system.
A remote user can gain access to the target system. A remote user
can conduct cross-site scripting attacks.

Impact: Disclosure of authentication information

Alert:

7. BIND

Vendor: ISC (Internet Software Consortium)

A vulnerability was reported in BIND. A remote user can cause
the target service to crash.

Impact: Denial of service via network

Alert:

8. Cisco TelePresence

Vendor: Cisco

A vulnerability was reported in Cisco TelePresence Endpoints. A
local user can obtain elevated privileges on the target system.

Impact: Disclosure of authentication information

Alert:

9. Cisco Email Security Appliance

Vendor: Cisco

A vulnerability was reported in Cisco Email Security Appliance.
A remote user can bypass security controls on the target system.

Impact: Host/resource access via network

Alert:

Recommended for you

3 COMMENTS

Leave a Reply