Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Mozilla Firefox imgRequestProxy Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : curl (SSA:2014-086-01)

New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2014-086-01. The text itsel...

Slackware 14.0 / 14.1 / current : seamonkey (SSA:2014-086-07)

New seamonkey packages are available for Slackware 14.0, 14.1, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2014-086-07. The text itself is copyright...

[slackware-security] seamonkey

New seamonkey packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/seamonkey-2.25-i486-1slack14.1.txz: Upgraded. This update contains security fixes and improvements. For more information, se...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-thunderbird-24.4.0-i486-1slack14.1.txz: Upgraded. This release contains security fixes and improvements. For mor...

Microsoft Internet Explorer CSelectElement Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

[slackware-security] samba (SSA:2014-072-01)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security samba SSA:2014-072-01 New samba packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+...

[slackware-security] udisks, udisks2 (SSA:2014-070-01)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security udisks, udisks2 SSA:2014-070-01 New udisks and udisks2 packages are available for Slackware 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+...

Kentico CMS 7.0.75 - User Information Disclosure

Exploit for asp platform in category web applications This vulnerability is an unprotected page on the site where you can view all current users and usernames. To find out if a Kentico CMS is vulnerable go to http://site.com/CMSModules/Messaging/CMSPages/PublicMessageUserSelector.aspx assuming th...

Slackware 14.0 / 14.1 / current : subversion (SSA:2014-058-01)

New subversion packages are available for Slackware 14.0, 14.1, and -current to fix denial-of-service issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2014-058-01. The text itself is...

DEBIAN-CVE-2014-2094

Untrusted search path vulnerability in Catfish through 0.4.0.3, when a Fedora package such as 0.4.0.2-2 is not used, allows local users to gain privileges via a Trojan horse catfish.pyc in the current working directory...

UBUNTU-CVE-2014-2095

Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0, when a Fedora package such as 0.8.2-1 is not used, allows local users to gain privileges via a Trojan horse bin/catfish.pyc under the current working directory...

CVE-2014-2096

Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0 allows local users to gain privileges via a Trojan horse bin/catfish.py under the current working directory...

CVE-2014-2094

Untrusted search path vulnerability in Catfish through 0.4.0.3, when a Fedora package such as 0.4.0.2-2 is not used, allows local users to gain privileges via a Trojan horse catfish.pyc in the current working directory...

Design/Logic Flaw

Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0, when a Fedora package such as 0.8.2-1 is not used, allows local users to gain privileges via a Trojan horse bin/catfish.pyc under the current working directory...

Microsoft Internet Explorer CAreaElement Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft Internet Explorer CTreeNode Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...