Log

CVE-2019-7576 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop).
References
+ https://bugzilla.libsdl.org/show_bug.cgi?id=4490
+ https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15-and-sdl2/25720
+ https://hg.libsdl.org/SDL/rev/388987dff7bf
+ https://hg.libsdl.org/SDL/rev/f9a9d6c76b21
Notes
+ Upstream states that the fix is common with the one for CVE-2019-7578.
CVE-2019-7577 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c.
References
+ https://bugzilla.libsdl.org/show_bug.cgi?id=4492
+ https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15-and-sdl2/25720
+ https://hg.libsdl.org/SDL/rev/faf9abbcfb5f
+ https://hg.libsdl.org/SDL/rev/416136310b88
Notes
CVE-2019-7578 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c.
References
+ https://bugzilla.libsdl.org/show_bug.cgi?id=4494
+ https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15-and-sdl2/25720
+ https://hg.libsdl.org/SDL/rev/f9a9d6c76b21
+ https://hg.libsdl.org/SDL/rev/388987dff7bf
Notes
CVE-2019-7608 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Information disclosure
Description
+ Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting (XSS) vulnerability that could allow an attacker to obtain sensitive information from, or perform destructive actions on behalf of, other Kibana users.
References
+ https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077
Notes
CVE-2019-7609 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.
References
+ https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077
Notes
CVE-2019-7610 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the security audit logger. If a Kibana instance has the setting xpack.security.audit.enabled set to true, an attacker could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.
References
+ https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077
Notes
CVE-2019-7611 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Privilege escalation
Description
+ A permission issue was found in Elasticsearch when Field Level Security and Document Level Security are disabled and the _aliases, _shrink, or _split endpoints are used . If the elasticsearch.yml file has xpack.security.dls_fls.enabled set to false, certain permission checks are skipped when users perform one of the actions mentioned above, to make existing data available under a new index/alias name. This could result in an attacker gaining additional permissions against a restricted index.
References
+ https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077
Notes
CVE-2019-7612 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Local
Type
+ Information disclosure
Description
+ A sensitive data disclosure flaw was found in the way Logstash logs malformed URLs. If a malformed URL is specified as part of the Logstash configuration, the credentials for the URL could be inadvertently logged as part of the error message.
References
+ https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077
Notes
CVE-2019-7635 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c.
References
+ https://bugzilla.libsdl.org/show_bug.cgi?id=4498
+ https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15-and-sdl2/25720
+ https://hg.libsdl.org/SDL/rev/7c643f1c1887
+ https://hg.libsdl.org/SDL/rev/f1f5878be5db
Notes
CVE-2019-7636 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c.
References
+ https://bugzilla.libsdl.org/show_bug.cgi?id=4499
+ https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15-and-sdl2/25720
+ https://hg.libsdl.org/SDL/rev/19d8c3b9c251
+ https://hg.libsdl.org/SDL/rev/07c39cbbeacf
Notes