Ramon De C Valle

**Name of the Vulnerable Software and Affected Versions** Oracle Java SE versions 5.0u75, 6u85, 7u72, and 8u25 Oracle Java SE Embedded versions 7u71 and 8u6 JRockit versions 27.8.4 and 28.3.4 **Description** The issue affects confidentiality and integrity, allowing remote attackers to exploit it via vectors related to JSSE. **Recommendations** For Oracle Java SE versions 5.0u75, 6u85, 7u72, and 8u25, update to a version that is not affected by this issue. For Oracle Java SE Embedded versions 7u71 and 8u6, update to a version that is not affected by this issue. For JRockit versions 27.8.4 and 28.3.4, update to a version that is not affected by this issue. As a temporary workaround, consider restricting access to JSSE-related functionality until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Katello versions 1.5.0-14 and earlier Red Hat Satellite (affected versions not specified) **Description** The issue concerns the users controller, which fails to check authorization for the `update roles` action. This allows remote authenticated users to gain privileges by setting a user account to an administrator account. **Recommendations** For Katello versions 1.5.0-14 and earlier, consider disabling the `update roles` action until a patch is available. For Red Hat Satellite, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Red Hat CloudForms Management Engine version 2.0 **Description** The issue concerns multiple directory traversal vulnerabilities in the AgentController. Remote attackers can exploit this to create and overwrite arbitrary files by including a .. (dot dot) in the `filename` parameter to specific methods. The affected methods include the log, upload, and linuxpkgs methods. **Recommendations** For Red Hat CloudForms Management Engine version 2.0, consider restricting access to the AgentController to minimize the risk of exploitation. As a temporary workaround, avoid using the `filename` parameter in the affected methods until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** RPM versions prior to 4.9.1.3 **Description** The issue allows remote attackers to cause a denial of service and possibly execute arbitrary code via a negative value in a region offset of a package header, which is not properly handled in a numeric range comparison. This can lead to a violation of confidentiality, integrity, and availability of protected information. The exploitation of this issue can be done remotely. **Recommendations** For versions prior to 4.9.1.3, update to version 4.9.1.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the `headerVerifyInfo` function in lib/header.c until a patch is available.

**Name of the Vulnerable Software and Affected Versions** RPM versions prior to 4.9.1.3 **Description** The issue concerns multiple vulnerabilities in the RPM package of Gentoo Linux. These vulnerabilities can be exploited remotely, potentially leading to breaches of confidentiality, integrity, and availability of protected information. Specifically, the `headerLoad` function in `lib/header.c` does not properly validate region tags, allowing user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large region size in a package header. **Recommendations** For versions prior to 4.9.1.3, update to version 4.9.1.3 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `headerLoad` function in `lib/header.c` until a patch is available. Avoid using large region sizes in package headers to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** RPM versions prior to 4.9.1.3 **Description** The issue is related to the improper validation of region tags in RPM, which can be exploited by remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. This can be achieved by sending an invalid region tag in a package header to specific functions, including the headerLoad, rpmReadSignature, or headerVerify function. The vulnerability may lead to a violation of confidentiality, integrity, and availability of protected information. **Recommendations** For versions prior to 4.9.1.3, update to version 4.9.1.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the headerLoad, rpmReadSignature, and headerVerify functions until a patch is available. Avoid using invalid region tags in package headers to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Ghostscript version 8.62 **Description** The issue allows local users to execute arbitrary PostScript code via a Trojan horse PostScript library file in the Encoding/ directory under the current working directory. **Recommendations** For Ghostscript version 8.62, consider restricting access to the Encoding/ directory to prevent the execution of arbitrary PostScript code until a patch is available. As a temporary workaround, avoid using the current working directory for PostScript library files. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** glibc versions 2.3.4 glibc versions prior to 2.15-r3 **Description** The issue concerns multiple vulnerabilities in the glibc package, which can lead to a disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited locally. The vulnerabilities may cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file. **Recommendations** For glibc versions 2.3.4, consider updating to a version prior to 2.15-r3 to resolve the issue. For glibc versions prior to 2.15-r3, update to version 2.15-r3 or later to resolve the issue. As a temporary workaround, consider restricting access to the ` tzfile read` function until a patch is available.