Microsoft Office Memory Corruption Vulnerability (CNVD-2016-12456)

Microsoft Office is an office software suite of products developed by the U.S. company Microsoft Microsoft. Commonly used components are Word, Excel, Access, Powerpoint, FrontPage and so on. A memory corruption vulnerability exists in Microsoft Office software. An attacker can exploit this...

Microsoft Office Memory Corruption Vulnerability (CNVD-2016-12455)

Microsoft Office is an office software suite of products developed by the U.S. company Microsoft Microsoft. Commonly used components are Word, Excel, Access, Powerpoint, FrontPage and so on. A memory corruption vulnerability can exist in Microsoft Office software, which arises from the program...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-firefox-45.6.0esr-i586-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For mo...

Apple Safari HTMLLabelElement Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Adobe Flash Player BitmapData Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Adobe Flash PSDK Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PSDK...

Adobe Flash Player Worker Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Work...

Attachmate Host Access Management and Security Server PassThru Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Attachmate Host Access Management and Security Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PassThru resource. The issue results...

Adobe Flash MovieClip swapDepth Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within MovieClip's swapDept...

[slackware-security] php

New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/php-5.6.29-i586-1slack14.2.txz: Upgraded. This release fixes bugs and security issues. For more information, see:...

SUSE-SU-2016:3084-1 Security update for Docker and dependencies

This update for Docker and its dependencies fixes the following issues: - fix runc and containerd revisions bsc1009961 docker: - Updates version 1.11.2 to 1.12.3 bsc1004490, bsc996015, bsc995058 - Fix ambient capability usage in containers bsc1007249, CVE-2016-8867 - Change the internal mountpoin...

Foxit Reader JPEG2000 Parsing Heap-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within JPEG2000 parsing. T...

Microsoft Office Memory Corruption Vulnerability (CNVD-2016-10973)

Microsoft Office is an office software suite of products developed by the American Microsoft Corporation Microsoft. Microsoft Office suffers from a memory corruption vulnerability due to the program failing to properly handle objects in memory. An attacker can exploit the vulnerability by means o...

Microsoft Office Memory Corruption Vulnerability (CNVD-2016-10975)

Microsoft Office is an office software suite of products developed by the American Microsoft Corporation Microsoft. Microsoft Office suffers from a memory corruption vulnerability due to the program failing to properly handle objects in memory. An attacker can exploit the vulnerability by means o...

Microsoft Browser Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the...

Adobe Flash TextField Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Adobe Flash MovieClip constructor Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Tesco Bank Stops Online Transactions

Tesco Bank, a U.K. retail bank, today put a halt to online transactions from current accounts after some customers reported over the weekend money missing from their accounts. The bank, which has more than seven million customers, told the BBC that 40,000 accounts were accessed and half of which...

Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : curl (SSA:2016-308-01)

New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2016-308-01. The text...

Foxit Reader JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...