CVE-2018-12828 – flash-plugin: Privilege Escalation vulnerability (APSB18-25)
https://notcve.org/view.php?id=CVE-2018-12828
Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. Successful exploitation could lead to privilege escalation. Adobe Flash Player, en versiones 30.0.0.134 y anteriores, tiene una vulnerabilidad de "uso de un componente con una vulnerabilidad conocida". Su explotación con éxito podría conducir al escalado de privilegios. • http://www.securityfocus.com/bid/105071 http://www.securitytracker.com/id/1041448 https://access.redhat.com/errata/RHSA-2018:2435 https://helpx.adobe.com/security/products/flash-player/apsb18-25.html https://access.redhat.com/security/cve/CVE-2018-12828 https://bugzilla.redhat.com/show_bug.cgi?id=1616027 •
CVE-2018-12824 – Adobe Flash MP3 Parsing COMM Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-12824
Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. Adobe Flash Player, en versiones 30.0.0.134 y anteriores, tiene una vulnerabilidad de lectura fuera de límites. Su explotación con éxito podría resultar en una divulgación de información. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Flash. • http://www.securityfocus.com/bid/105066 http://www.securitytracker.com/id/1041448 https://access.redhat.com/errata/RHSA-2018:2435 https://helpx.adobe.com/security/products/flash-player/apsb18-25.html https://access.redhat.com/security/cve/CVE-2018-12824 https://bugzilla.redhat.com/show_bug.cgi?id=1616026 • CWE-125: Out-of-bounds Read •
CVE-2018-12825 – flash-plugin: Security Mitigation Bypass vulnerability (APSB18-25)
https://notcve.org/view.php?id=CVE-2018-12825
Adobe Flash Player 30.0.0.134 and earlier have a security bypass vulnerability. Successful exploitation could lead to security mitigation bypass. Adobe Flash Player, en versiones 30.0.0.134 y anteriores, tiene una vulnerabilidad de omisión de seguridad. Su explotación con éxito podría resultar en una omisión de la mitigación de seguridad. • http://www.securityfocus.com/bid/105070 http://www.securitytracker.com/id/1041448 https://access.redhat.com/errata/RHSA-2018:2435 https://helpx.adobe.com/security/products/flash-player/apsb18-25.html https://access.redhat.com/security/cve/CVE-2018-12825 https://bugzilla.redhat.com/show_bug.cgi?id=1616028 •
CVE-2018-5391 – The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets
https://notcve.org/view.php?id=CVE-2018-5391
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size. El kernel de Linux en versiones a partir de la 3.9 es vulnerable a un ataque de denegación de servicio (DoS) con tasas bajas de paquetes especialmente modificados que apuntan hacia el reensamblado de fragmentos de IP. • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en http://www.openwall.com/lists/oss-security/2019/06/28/2 http://www.openwall.com/lists/oss-security/2019/07/06/3 http://www.openwall.com/lists/oss-security/2019/07/06/4 http://www.securityfocus.com/bid/105108 http://www.securitytracker.com/id/1041476 http://www.securitytracker.com/id/1041637 https://access.redhat.co • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVE-2018-10897 – yum-utils: reposync: improper path validation may lead to directory traversal
https://notcve.org/view.php?id=CVE-2018-10897
A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected. Se ha detectado un problema de salto de directorio en reposync, de yum-utils, en el que reposync falla a la hora de sanear rutas en los archivos de configuración del repositorio remoto. • http://www.securitytracker.com/id/1041594 https://access.redhat.com/errata/RHSA-2018:2284 https://access.redhat.com/errata/RHSA-2018:2285 https://access.redhat.com/errata/RHSA-2018:2626 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10897 https://github.com/rpm-software-management/yum-utils/commit/6a8de061f8fdc885e74ebe8c94625bf53643b71c https://github.com/rpm-software-management/yum-utils/commit/7554c0133eb830a71dc01846037cc047d0acbc2c https://github.com/rpm-software-management/yum-utils/pull/43 https • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-59: Improper Link Resolution Before File Access ('Link Following') •