Security Vulnerabilities - CVEs Published In November 2017
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVSS Score
8.8
EPSS Score
0.143
Published
2017-11-13
In SWFTools 0.9.2, the png_load function in lib/png.c does not check the return value of a realloc call, which allows remote attackers to cause a denial of service (invalid write and application crash) or possibly have unspecified other impact via vectors involving an IDAT tag in a crafted PNG file.
CVSS Score
7.8
EPSS Score
0.002
Published
2017-11-12
In SWFTools 0.9.2, the png_load function in lib/png.c does not properly validate an alloclen_64 multiplication of width and height values, which allows remote attackers to cause a denial of service (integer overflow, heap-based buffer overflow, and application crash) or possibly have unspecified other impact via a crafted PNG file.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-11-12
In CMS Made Simple 2.2.3.1, the is_file_acceptable function in modules/FileManager/action.upload.php only blocks file extensions that begin or end with a "php" substring, which allows remote attackers to bypass intended access restrictions or trigger XSS via other extensions, as demonstrated by .phtml, .pht, .html, or .svg.
CVSS Score
5.4
EPSS Score
0.003
Published
2017-11-12
In CMS Made Simple 2.2.3.1, in modules/New/action.addcategory.php, stored XSS is possible via the m1_name parameter to admin/moduleinterface.php during addition of a category, a related issue to CVE-2010-3882.
CVSS Score
5.4
EPSS Score
0.002
Published
2017-11-12
The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not properly validate WAV data, which allows remote attackers to cause a denial of service (incorrect malloc and heap-based buffer overflow) or possibly have unspecified other impact via a crafted file.
CVSS Score
7.8
EPSS Score
0.002
Published
2017-11-12
The png_load function in lib/png.c in SWFTools 0.9.2 does not properly validate a multiplication of width and bits-per-pixel values, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file, as demonstrated by an erroneous png_load call that occurs because of incorrect integer data types in png2swf.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-11-12
Inedo BuildMaster before 5.8.2 does not properly restrict creation of RequireManageAllPrivileges event listeners.
CVSS Score
7.5
EPSS Score
0.002
Published
2017-11-11
The installer in MyBB before 1.8.13 allows remote attackers to execute arbitrary code by writing to the configuration file.
CVSS Score
9.8
EPSS Score
0.019
Published
2017-11-10
The installer in MyBB before 1.8.13 has XSS.
CVSS Score
5.4
EPSS Score
0.003
Published
2017-11-10