Advisories 2016/01

Security advisories for vulnerabilities identified by Blue Frost Security.

IE11 CObjectElement Use-After-Free Vulnerability

A use-after-free vulnerability was identified which allows the execution of arbitrary code on vulnerable installations of Microsoft Internet Explorer.

OpenSSH PAM Privilege Separation Vulnerabilities

Multiple vulnerabilities in OpenSSH were identified that could allow successful authentication as an arbitrary user and thus impersonation of other users.

IE11 CTreeNode::GetCascadedLang Use-After-Free Vulnerability

A use-after-free vulnerability was identified which allows the execution of arbitrary code on vulnerable installations of Microsoft Internet Explorer.