Multiple TIBCO Products CVE-2017-5533 Information Disclosure Vulnerability
Libav CVE-2017-16803 Denial of Service Vulnerability
Node.js CVE-2017-14919 Denial of Service Vulnerability
IBM Jazz Reporting Service CVE-2017-1340 Information Disclosure Vulnerability

When a company like Microsoft needs to fix a security flaw in one of its products, the process is normally straightforward: determine where the bug lies, change the program's source code to fix the bug, and then recompile the program. But it looks like the company had to step outside this typical process for one of the flaws it patched this Tuesday. Instead of fixing the source code, it appears that the company's developers made a series of careful changes directly to the buggy program's executable file.

Bug CVE-2017-11882 is a buffer overflow in the ancient Equation Editor that comes with Office. The Equation Editor allocates a fixed-size piece of memory to hold a font name and then copies the font name from the equation file into this piece of memory. It doesn't, however, check to ensure that the font name will fit into this piece of memory. When provided with a font name that's too long, the Equation Editor overflows the buffer, corrupting its own memory, and an attacker can use this to execute arbitrary malicious code.
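An added example (not from the article and not Microsoft's code) that puts the unchecked copy described above beside a bounded version. The 32-byte buffer size, the function names and the record layout are assumptions, since the article states none of them.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define FONT_NAME_MAX 32 /* assumed buffer size; the article does not state it */

enum { FONT_OK = 0, FONT_UNTERMINATED = -1, FONT_TOO_LONG = -2 };

/* The flawed pattern: copies until the first NUL in src and never looks at
 * how big dst is. Kept for contrast; safe only when the caller already
 * knows that src fits. */
void copy_font_name_unchecked(char *dst, const char *src)
{
    strcpy(dst, src);
}

/* Bounded form. rec/rec_len describe the untrusted bytes read from the file
 * (hypothetical layout: a NUL-terminated name at the start of the record). */
int copy_font_name_checked(char dst[FONT_NAME_MAX],
                           const unsigned char *rec, size_t rec_len)
{
    const unsigned char *nul = memchr(rec, 0, rec_len);
    if (nul == NULL)
        return FONT_UNTERMINATED;   /* would read past the end of the input */
    size_t n = (size_t)(nul - rec);
    if (n >= FONT_NAME_MAX)
        return FONT_TOO_LONG;       /* would write past the end of dst */
    memcpy(dst, rec, n + 1);        /* name plus its terminator */
    return FONT_OK;
}

int main(void)
{
    char name[FONT_NAME_MAX];
    unsigned char oversized[100];   /* constructed sample input */
    memset(oversized, 'A', sizeof oversized - 1);
    oversized[sizeof oversized - 1] = '\0';

    const unsigned char ok[] = "Cambria Math"; /* constructed sample input */
    printf("short name: %d\n", copy_font_name_checked(name, ok, sizeof ok));
    printf("long name:  %d\n",
           copy_font_name_checked(name, oversized, sizeof oversized));
    return 0;
}
```

The checked version rejects the record instead of truncating it, so a malformed file is treated as an error rather than silently altered.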


Multiple TIBCO Products CVE-2014-2542 Multiple HTML Injection Vulnerabilities
Linux kernel CVE-2017-15115 Local Denial of Service Vulnerability
Cisco Umbrella Insights Virtual Appliance CVE-2017-12350 Local Privilege Escalation Vulnerability
Oracle Tuxedo CVE-2017-10267 Remote Security Vulnerability
Apache Camel CVE-2017-12633 Deserialization Remote Code Execution Vulnerability
Apache Camel CVE-2017-12634 Deserialization Remote Code Execution Vulnerability
Apache CouchDB CVE-2017-12635 Remote Privilege Escalation Vulnerability
Cisco IP Phone 8800 Series CVE-2017-12305 Local Command Injection Vulnerability
Internet Storm Center Infocon Status