all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

A Vulnerability in XZ Utils Could Allow for Remote Code Execution

Add to bookmarks
March 29, 2024, 7:19 p.m. |

Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org

A vulnerability has been discovered in XZ Utils that could allow for remote code execution. XZ is a general-purpose data compression format present in nearly every Linux distribution, both community projects and commercial product distributions. Successful exploitation of this vulnerability could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user …

code code execution commercial community compression context data data compression distribution distributions exploitation general linux product projects purpose remote code remote code execution vulnerability

Visit resource

More from www.cisecurity.org / Center for Internet Security - Multi-State Information Sharing and Analysis Center

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 18 hours ago | www.cisecurity.org
arbitrary code arbitrary code execution attacker chrome +9
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 6 days, 21 hours ago | www.cisecurity.org
arbitrary code arbitrary code execution attacker chrome +9
Oracle Quarterly Critical Patches Issued April 16, 2024 1 week, 6 days ago | www.cisecurity.org
april code code execution critical +7
Multiple Vulnerabilities in Ivanti Avalanche Could Allow for Remote Code Execution 2 weeks ago | www.cisecurity.org
authentication avalanche code code execution +23
Multiple Vulnerabilities in Google Chrome Could Allow for Remote Code Execution 2 weeks ago | www.cisecurity.org
attacker chrome code code execution +9
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution 2 weeks, 1 day ago | www.cisecurity.org
access arbitrary code arbitrary code execution browser +17
A Vulnerability in PAN-OS Could Allow for Arbitrary Code Execution 2 weeks, 5 days ago | www.cisecurity.org
alto arbitrary code arbitrary code execution code +16
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 2 weeks, 6 days ago | www.cisecurity.org
arbitrary code arbitrary code execution attacker chrome +9
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution 3 weeks ago | www.cisecurity.org
adobe adobe after effects adobe commerce after effects +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

EY- GDS- Cybersecurity- Staff

@ EY | Miguel Hidalgo, MX, 11520
View on infosec-jobs.com

Staff Security Operations Engineer

@ Workiva | Ames
View on infosec-jobs.com

Public Relations Senior Account Executive (B2B Tech/Cybersecurity/Enterprise)

@ Highwire Public Relations | Los Angeles, CA
View on infosec-jobs.com

Airbus Canada - Responsable Cyber sécurité produit / Product Cyber Security Responsible

@ Airbus | Mirabel
View on infosec-jobs.com

Investigations (OSINT) Manager

@ Logically | India
View on infosec-jobs.com

Security Engineer I, Offensive Security Penetration Testing

@ Amazon.com | US, NY, Virtual Location - New York
View on infosec-jobs.com
View more jobs