$0.99 Kindle Books Security Vulnerabilities

Fedora Core 9 FEDORA-2009-4997 (drupal)

The remote host is missing an update to drupal announced via advisory...

Fedora Core 10 FEDORA-2009-5002 (drupal)

The remote host is missing an update to drupal announced via advisory...

Fedora Core 10 FEDORA-2009-5002 (drupal)

The remote host is missing an update to drupal announced via advisory...

Fedora Core 9 FEDORA-2009-4997 (drupal)

The remote host is missing an update to drupal announced via advisory...

FreeBSD : drupal -- XSS (a6605f4b-4067-11de-b444-001372fd0af2)

The Drupal Security Team reports : When outputting user-supplied data Drupal strips potentially dangerous HTML attributes and tags or escapes characters which have a special meaning in HTML. This output filtering secures the site against cross site scripting attacks via user input. Certain byte...

Fedora 10 : drupal-6.12-1.fc10 (2009-5002)

Fixes SA-CORE-2009-006 ( http://drupal.org/node/461886 ). Remember to log in to your site as the admin user before upgrading this package. After upgrading the package, browse to http://host/drupal/update.php to run the upgrade script. When outputting user-supplied data Drupal strips potentially...

Fedora 9 : drupal-6.12-1.fc9 (2009-4997)

Fixes SA-CORE-2009-006 ( http://drupal.org/node/461886 ). Remember to log in to your site as the admin user before upgrading this package. After upgrading the package, browse to http://host/drupal/update.php to run the upgrade script. When outputting user-supplied data Drupal strips potentially...

About the security content of Security Update 2009-002 / Mac OS X v10.5.7

About the security content of Security Update 2009-002 / Mac OS X v10.5.7 * Last Modified: May 12, 2009 * Article: HT3549 Summary This document describes the security content of Security Update 2009-002 / Mac OS X v10.5.7, which can be downloaded and installed via Software Update preferences, or...

SA-CORE-2009-006 - Drupal core - Cross site scripting

When outputting user-supplied data Drupal strips potentially dangerous HTML attributes and tags or escapes characters which have a special meaning in HTML. This output filtering secures the site against cross site scripting attacks via user input. Certain byte sequences that are valid in the UTF-8....

drupal -- cross-site scripting

The Drupal Security Team reports: When outputting user-supplied data Drupal strips potentially dangerous HTML attributes and tags or escapes characters which have a special meaning in HTML. This output filtering secures the site against cross site scripting attacks via user...

quagga DoS

Assertion on receiving prefix with large number of 4-byte AS...

CVE-2009-1341

Memory leak in the dequote_bytea function in quote.c in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.0.0 for Perl allows context-dependent attackers to cause a denial of service (memory consumption) by fetching data with BYTEA...

Memory corruption

Memory leak in the dequote_bytea function in quote.c in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.0.0 for Perl allows context-dependent attackers to cause a denial of service (memory consumption) by fetching data with BYTEA...

[SECURITY] Fedora 9 Update: chmsee-1.0.1-12.fc9

A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, also is well localized....

[SECURITY] Fedora 9 Update: chmsee-1.0.1-11.fc9

A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, also is well localized....

CVE-2009-1266

Unspecified vulnerability in Wireshark before 1.0.7 has unknown impact and attack...

Design/Logic Flaw

Unspecified vulnerability in Wireshark before 1.0.7 has unknown impact and attack...

Design/Logic Flaw

The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE...

Code injection

Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5...

CVE-2009-1268

The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE...

CVE-2009-1269

Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5...

CVE-2009-1284

Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography...

CVE-2009-1284

Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography...

CVE-2009-1284

Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography...

Buffer overflow

Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography...

CVE-2009-1284

Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography...

CVE-2009-1284

Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography file. Bugs http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=520920 https://bugzilla.redhat.com/show_bug.cgi?id=492136 Notes Author| Note...

Software [In]security: Nine Things Everybody Does: Software Security Activities from the BSIMM

This article originally appeared on InformIT.com as part of Gary McGraw’s Software [In]Security series. Using the Software Security Framework (SSF) introduced in October, we interviewed nine executives running top software security programs in order to gather real data from real programs.Our goal.....

CVE-2009-1210

Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party...

Format string

Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party...

[SECURITY] Fedora 9 Update: chmsee-1.0.1-10.fc9

A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, also is well localized....

[SECURITY] Fedora 9 Update: chmsee-1.0.1-10.fc9

A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, also is well localized....

[SECURITY] Fedora 9 Update: chmsee-1.0.1-9.fc9

A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, also is well localized....

Fedora Update for gnucash FEDORA-2007-256

Check for the Version of...

Fedora Update for squirrelmail FEDORA-2007-088

Check for the Version of...

Fedora Update for squirrelmail FEDORA-2007-089

Check for the Version of...

Fedora Update for speex FEDORA-2008-3103

Check for the Version of...

Fedora Update for speex FEDORA-2008-3191

Check for the Version of...

Fedora Update for comix FEDORA-2008-2981

Check for the Version of...

Fedora Update for comix FEDORA-2008-2993

Check for the Version of...

Microsoft Security Bulletin MS09-003 - Critical Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239)

Microsoft Security Bulletin MS09-003 - Critical Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239) Published: February 10, 2009 Version: 1.0 General Information Executive Summary This security update resolves two privately reported vulnerabilities in Microsoft...

[SECURITY] Fedora 9 Update: chmsee-1.0.1-8.fc9

A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, also is well localized....

PR08-22: Persistent XSS on Novell GroupWise WebAccess

PR08-22: Persistent XSS on Novell GroupWise WebAccess Vulnerability found: 2nd October 2008 Vendor contacted: 3rd October 2008 Advisory publicly released: 30th January 2009 Severity: High Credits: Jan Fry of ProCheckUp Ltd (www.procheckup.com). ProCheckUp thanks Novell for working with us in such.....

PR08-23: XSS on Novell GroupWise WebAccess

PR08-23: XSS on Novell GroupWise WebAccess Vulnerability found: 2nd October 2008 Vendor contacted: 3rd October 2008 Advisory publicly released: 30th January 2009 Severity: Medium Credits: Richard Brain of ProCheckUp Ltd (www.procheckup.com). ProCheckUp thanks Novell for working with us in such a...

RedHat Security Advisory RHSA-2009:0057

The remote host is missing updates announced in advisory RHSA-2009:0057. SquirrelMail is an easy-to-configure, standards-based, webmail package written in PHP. It includes built-in PHP support for the IMAP and SMTP protocols, and pure HTML 4.0 page-rendering (with no JavaScript required) for...

RHEL 3 / 4 / 5 : squirrelmail (RHSA-2009:0057)

An updated squirrelmail package that fixes a security issue is now available for Red Hat Enterprise Linux 3, 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. SquirrelMail is an easy-to-configure, standards-based, webmail package written....

RedHat Security Advisory RHSA-2009:0057

The remote host is missing updates announced in advisory RHSA-2009:0057. SquirrelMail is an easy-to-configure, standards-based, webmail package written in PHP. It includes built-in PHP support for the IMAP and SMTP protocols, and pure HTML 4.0 page-rendering (with no JavaScript required) for...

CentOS 3 / 4 / 5 : squirrelmail (CESA-2009:0057)

An updated squirrelmail package that fixes a security issue is now available for Red Hat Enterprise Linux 3, 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. SquirrelMail is an easy-to-configure, standards-based, webmail package written....

squirrelmail security update

CentOS Errata and Security Advisory CESA-2009:0057 SquirrelMail is an easy-to-configure, standards-based, webmail package written in PHP. It includes built-in PHP support for the IMAP and SMTP protocols, and pure HTML 4.0 page-rendering (with no JavaScript required) for maximum...

(RHSA-2009:0057) Important: squirrelmail security update

SquirrelMail is an easy-to-configure, standards-based, webmail package written in PHP. It includes built-in PHP support for the IMAP and SMTP protocols, and pure HTML 4.0 page-rendering (with no JavaScript required) for maximum browser-compatibility, strong MIME support, address books, and folder.....