CVE-2016-0053
published 2016-02-10
CVE-2016-0053: Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Office Compatibility Pack SP3, Word Viewer, Word…
high·7.8·CVSS 3.0
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps Server 2013 SP1, and SharePoint Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | office | — | — |
| microsoft | office_web_apps_server | — | — |
| microsoft | sharepoint_server | — | — |
| microsoft | word | — | — |
| microsoft | word | — | — |
| microsoft | word | — | — |
| microsoft | word | — | — |
GHSA
GHSA-x478-wm9f-48j7: Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Office Compatibility Pack SP3, Word Viewer, Word
ghsa_unreviewed·2022-05-14
CVE-2016-0053 [HIGH] CWE-119 GHSA-x478-wm9f-48j7: Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Office Compatibility Pack SP3, Word Viewer, Word
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps Server 2013 SP1, and SharePoint Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
Red Hat
docker: Security regression of CVE-2016-9962 due to inclusion of vulnerable runc
vendor_redhat·2020-06-23·CVSS 6.4
CVE-2020-14300 [MEDIUM] CWE-271 docker: Security regression of CVE-2016-9962 due to inclusion of vulnerable runc
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug and security fixes. One of the fixes regressed in that update was the fix for CVE-2016-9962, that was previously corrected in the docker packages in Red Hat Enterprise Linux 7 Extras via RHSA-2017:0116 (https://access.redhat.com/errata/RHSA-2017:0116). The CVE-2020-14300 was assigned to this security regression and it is specific to the docker packages produced by Red Hat. The original issue - CVE-2016-9962 - could possibly allow a process inside container to compro
Red Hat
docker: Ambient capability usage in containers
vendor_redhat·2016-10-24·CVSS 7.5
CVE-2016-8867 [HIGH] docker: Ambient capability usage in containers
Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes.
The runc version as used in docker 1.12.2 was incorrectly setting ambient capabilities for all processes executed inside containers. This caused processes of non-root users to run with unexpected privileges, allowing them to escalate their privileges to root.
Statement: This issue only affected a single version of the docker packages as shipped with Red Hat Enterprise Linux 7 Extras - docker-1.13.1-108.git4ef4b30.el7. This version was released on January 8th 2020 via erratum RHBA-2020:0053 and the problem was corrected in version
No detection rules found.
Exploit-DB
RealPlayer 18.1.5.705 - '.QCP' Crash (PoC)
exploitdb·2016-10-21
CVE-2016-9018 RealPlayer 18.1.5.705 - '.QCP' Crash (PoC)
---
Tested on: Win7 / Win10 x64
Date: October 20th 2016
Vendor homepage: http://www.real.com
Software link: http://realplayer-download.real.com/free/windows/installer/stubinst/stub/rt1/T10EUDRP/RealTimes-RealPlayer.exe
File version (both realplay.exe and qcpfformat.dll): 18.1.5.705
Exploit author: Alwin Peppels
Found with: Peach Fuzzer
Context:
eax=00000002 ebx=00000000 ecx=0d4cb9a0 edx=00000000 esi=00000000 edi=046abd0c
eip=534013dc esp=00d7e254 ebp=00d7e254 iopl=0 nv up ei pl nz na po nc
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010202
qcpfformat+0x13dc:
534013dc 0fb64203 movzx eax,byte ptr [edx+3] ds:002b:00000003=??
Call stack:
# ChildEBP RetAddr Args to Child
WARNING: Stack unwind information not available. Following f
Exploit-DB
Avast! - Authenticode Parsing Memory Corruption
exploitdb·2016-03-07
CVE-2016-3986 Avast! - Authenticode Parsing Memory Corruption
---
Source: https://code.google.com/p/google-security-research/issues/detail?id=668
The attached PE file causes memory corruption in Avast, it looks related to authenticode parsing.
(474.c0c): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=128be364 ebx=30303030 ecx=12555e70 edx=128bd032 esi=30303030 edi=00000000
eip=740b4454 esp=10cedfa8 ebp=12555e70 iopl=0 nv up ei pl nz na pe nc
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010206
aswCmnBS_74080000!StreamHashClose+0x7dd4:
740b4454 8b06 mov eax,dword ptr [esi] ds:002b:30303030=????????
0:080> ub
aswCmnBS_74080000!StreamHashClose+0x7dc5:
740b4445 55 push ebp
740b44
Talos
Microsoft Patch Tuesday - February 2016
blogs_talos·2016-02-09·CVSS 7.8
[HIGH] Microsoft Patch Tuesday - February 2016
Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release contains twelve bulletins addressing 37 vulnerabilities. Five bulletins are rated critical and address vulnerabilities in Internet Explorer, Edge, Windows Journal, Office and Windows PDF. The remaining seven bulletins are rated important and address vulnerabilities in the Network Policy Server (NPS), Active Directory, Windows, Remote Desktop Protocol, WebDAV, Kernel Mode Driver and the .NET Framework.
## Bulletins Rated Critical
Microsoft bulletins MS16-009, MS16-011 through MS16-013, and MS16-015 are rated as critical in this month's release.
MS16-009 and MS16-011 are this month's Internet Explorer and Edge security bulletin resp
Qualys
Patch Tuesday February 2016 | Qualys
blogs_qualys·2016-02-09·CVSS 7.8
[HIGH] Patch Tuesday February 2016 | Qualys
We are back to normal numbers on Patch Tuesday. After a light start with nine bulletins in January we are getting 12 bulletins (five critical) in February, which is in line with the average count for last year: 12.25/month:
Actually it is 13, but the last one this month, MS16-022, is more of a packaging change. It concerns Adobe Flash, a software package where updating has already been handled by Microsoft for the last 3 ½ years in the Internet Explorer 10 and 11 browsers. In the past this update was tracked under the single security advisory KB2755801. Now there is a real bulletin for it. At the very least the new format provides better handling and tracking. None of the vulnerabilities described is in use in the wild, but many are rated as easily exploitable by both Micros
Zscaler
Zscaler found Multiple Security Vulnerabilities | 02-09-2016
blogs_zscaler·CVSS 8.8
[HIGH] Zscaler found Multiple Security Vulnerabilities | 02-09-2016
Bugzilla
CVE-2020-14300 docker: Security regression of CVE-2016-9962 due to inclusion of vulnerable runc
bugzilla·2020-06-19·CVSS 6.4
CVE-2020-14300 [MEDIUM] CVE-2020-14300 docker: Security regression of CVE-2016-9962 due to inclusion of vulnerable runc
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug and security fixes. One of the fixes regressed in that update was the fix for CVE-2016-9962, that was previously corrected in the docker packages in Red Hat Enterprise Linux 7 Extras via RHSA-2017:0116 (https://access.redhat.com/errata/RHSA-2017:0116). The CVE-2020-14300 was assigned to this security regression and it is specific to the docker packages produced by Red Hat.
The original issue - CVE-2016-9962 - could possibly allow a process inside con
http://www.securitytracker.com/id/1034975
http://www.securitytracker.com/id/1034976
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-015
2016-02-10
Published