Tim Starling

Name of the Vulnerable Software and Affected Versions: Firejail versions 0.9.62 and earlier Description: The issue is related to the mishandling of shell metacharacters during the use of the --output or --output-stderr option, which may lead to command injection. This could allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. Recommendations: For Firejail versions 0.9.62 and earlier, consider disabling the use of the --output and --output-stderr options until a patch is available. Restrict access to the vulnerable functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Firejail versions 0.9.62 and earlier Description: The issue is related to the lack of measures to neutralize special elements in the `check output` function from `output.c` in the Firejail isolated program environment. This may allow an attacker to gain access to confidential data, compromise their integrity, and cause a denial of service. The problem is also described as Firejail not honoring the `--end-of-options` indicator after the `--output` option, which may lead to command injection. Recommendations: For Firejail versions 0.9.62 and earlier, as a temporary workaround, consider disabling the `check output` function until a patch is available. Restrict access to the `--output` option to minimize the risk of command injection. Avoid using the `--output` option with untrusted input until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MediaWiki versions prior to 1.31.8 MediaWiki versions 1.32.x MediaWiki versions 1.33.x prior to 1.33.4 MediaWiki versions 1.34.x prior to 1.34.2 **Description** The issue concerns private wikis behind a caching server that use the img auth.php image authorization security feature. Due to mishandled Cache-Control and Vary headers, files may have been cached publicly, allowing any unauthorized user to view them. This results in the potential disclosure of protected information. **Recommendations** For MediaWiki versions prior to 1.31.8, update to version 1.31.8 or later. For MediaWiki versions 1.32.x, update to version 1.33.4 or later, or apply the necessary patches. For MediaWiki versions 1.33.x prior to 1.33.4, update to version 1.33.4 or later. For MediaWiki versions 1.34.x prior to 1.34.2, update to version 1.34.2 or later. As a temporary workaround, consider restricting access to the img auth.php feature until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** man2html version 1.6 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to error messages. **Recommendations** For man2html version 1.6, update to a version that fixes this issue, as using older versions poses a risk of XSS attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CUPS versions prior to 1.4.4 Mac OS X 10.5.8 Mac OS X 10.6 versions prior to 10.6.4 **Description** A cross-site request forgery (CSRF) issue exists in the web interface, allowing remote attackers to hijack the authentication of administrators for requests that change settings. **Recommendations** For CUPS versions prior to 1.4.4, update to version 1.4.4 or later to resolve the issue. For Mac OS X 10.5.8, consider upgrading to a newer version of Mac OS X that includes the fix. For Mac OS X 10.6 versions prior to 10.6.4, update to Mac OS X 10.6.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** LibThai versions prior to 0.1.13 **Description** The issue is related to multiple integer overflows that might allow context-dependent attackers to execute arbitrary code via long strings that trigger heap-based buffer overflows. This is related to the thbrk/thbrk.c and thwbrk/thwbrk.c components. **Recommendations** For versions prior to 0.1.13, update to version 0.1.13 or later to resolve the issue. As a temporary workaround, consider restricting the input length to prevent long strings from triggering heap-based buffer overflows.

**Name of the Vulnerable Software and Affected Versions** phpMyAdmin (phpmyadmin) extension versions 3.0.1 and earlier for TYPO3 **Description** The issue is related to a cross-site scripting (XSS) vulnerability, which allows remote attackers to inject arbitrary web script or HTML. This can be achieved via unspecified vectors, potentially leading to unauthorized access or control over the affected system. **Recommendations** For phpMyAdmin (phpmyadmin) extension versions 3.0.1 and earlier, update to a version later than 3.0.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** phpMyAdmin versions prior to 2.11.7 **Description** The issue is related to a cross-site scripting (XSS) vulnerability. This occurs when an attacker can inject arbitrary web script or HTML into a website, potentially allowing them to steal user data or take control of the user's session. The vulnerability is exploitable when register globals is enabled and .htaccess support is disabled, involving scripts in the libraries/ directory. **Recommendations** For versions prior to 2.11.7, update to version 2.11.7 or later to resolve the issue. As a temporary workaround, consider disabling register globals or enabling .htaccess support to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PHP versions prior to 4.4.1 **Description** The issue allows remote attackers to cause a denial of service, resulting in an infinite loop, by providing a malformed JPEG image. This is due to a problem in the exif read data function within the Exif module. **Recommendations** For versions prior to 4.4.1, update to version 4.4.1 or later to resolve the issue. As a temporary workaround, consider disabling the exif read data function until a patch is available.