Andre Protas

**Nome do software vulnerável e versões afetadas** Versões do GNU Mailman anteriores à 2.1.35 **Descrição** A vulnerabilidade permite a escalada remota de privilégios. Um determinado valor de `csrf token` é derivado da `admin password` e pode ser utilizado para realizar um ataque de força bruta contra essa senha. **Recomendações** Para versões do GNU Mailman anteriores à 2.1.35, atualize para a versão 2.1.35 ou posterior para resolver o problema. Como solução temporária, considere restringir o acesso à interface de administração para minimizar o risco de exploração.

**Nome do software vulnerável e versões afetadas** Versões do GNU Mailman anteriores à 2.1.35 **Descrição** A vulnerabilidade permite a escalada remota de privilégios. Um valor `csrf token` não é específico a uma única conta de usuário. Um invasor pode obter um valor no contexto de uma conta de usuário sem privilégios e, em seguida, usar esse valor em um ataque CSRF contra um administrador, o que pode levar à apropriação da conta. **Recomendações** Para versões anteriores à 2.1.35, atualize para a versão 2.1.35 ou posterior para resolver o problema. Como solução temporária, considere restringir o acesso às contas de administrador ou implementar medidas adicionais de proteção contra CSRF até que um patch seja aplicado.

**Name of the Vulnerable Software and Affected Versions** Apache Spark versions 1.3.x through master **Description** The issue concerns a convenience script in Apache Spark's Apache Maven-based build that downloads and runs a zinc server to speed up compilation. This server accepts connections from external hosts by default. A specially-crafted request to the zinc server could cause it to reveal information in files readable to the developer account running the build. Note that this issue does not affect end users of Spark, only developers building Spark from source code. **Recommendations** For versions 1.3.x through master, consider disabling the zinc server or restricting its access to prevent external connections until a patch is available. As a temporary workaround, restrict access to the `build/mvn` script to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** BlackBerry Application Web Loader version 1.0 **Description** The issue is related to multiple stack-based buffer overflows in the Research in Motion RIM AxLoader ActiveX control. This can be exploited by remote attackers to execute arbitrary code, potentially through the use of the `load` or `loadJad` method. **Recommendations** For BlackBerry Application Web Loader version 1.0, as a temporary workaround, consider disabling the `load` and `loadJad` methods until a patch is available. Restrict access to the AxLoader ActiveX control to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: NetCamPlayerWeb11gv2.ocx version prior to firmware 1.25 Description: The issue is related to a stack-based buffer overflow in the SetSource method of the NetCamPlayerWeb11gv2 ActiveX control. This allows remote attackers to execute arbitrary code via long invalid arguments. Recommendations: For versions prior to firmware 1.25, update to firmware 1.25 or later to resolve the issue. As a temporary workaround, consider restricting access to the SetSource method in the NetCamPlayerWeb11gv2 ActiveX control until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Free Lossless Audio Codec (FLAC) versions prior to 1.2.1 **Description** The issue allows user-assisted remote attackers to force a client to download arbitrary files via the MIME-Type URL flag for the FLAC image file in a crafted .FLAC file. **Recommendations** For versions prior to 1.2.1, update to version 1.2.1 or later to resolve the issue.