xen-tools -- Cirrus VGA Heap overflow via display refresh

xen-tools 4.7.2

A privileged user within the guest VM can cause a heap overflow in the device model process, potentially escalating their privileges to that of the device model process.

CVE-2016-9603

http://xenbits.xen.org/xsa/advisory-21123

The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4 does not validate the number of decomposition levels before proceeding with Discrete Wavelet Transform decoding, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possi

Elasticsearch versions from 1.0.0 to 1.6.0 are vulnerable to a directory traversal attack.

Remediation Summary: Users should upgrade to 1.6.1 or later, or constrain access to the snapshot API to trusted sources.

CVE-2015-5531

elasticsearch -- remote code exe

www.phpmyadmin.net/home_page/security/PMASA-2014-15.php

With a crafted file name it is possible to trigger an XSS in the error reporting page.

In the error reporting feature, a parameter specifying the file was not correctly validated, allowing the attacker to derive the line count of an arbitrary file

firefox 10.0,110.0.2,1 3.6.*,13.6.27ge>10.0,110.0.22ge>10.010.0.22 thunderbird 10.010.0.2 3.1.*3.1.19

coppermine -- "file" Local File Inclusion Vulnerability

coppermine 1.4.5665

to disclose sensitive information.

Input passed to the "file" parameter in "index.php" isn't properly verified, before it is used to include files. This can be exploited to include arbitrary files from local resources.

Example: http://[host]/index.php?file=.//././/././/././/./[file]%00

alue of the newsgroup posting. This can potentially be a problem when the mode is not restrictive enough. In addition, the output directory is created with world writable permissions allowing other users to drop symlinks or other files at that location.

newsgrab -- directory traversal vulnerability

newsgrab 0.4.0