Microsoft Internet Explorer CTreeNode Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

IBM Lotus Quickr ActiveX Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Quickr for Domino. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within an ActiveX...

Microsoft Internet Explorer CDomRange Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft Internet Explorer CMarkupPointer Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft Internet Explorer CInputElement Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft Internet Explorer CHtmlLayout Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft Internet Explorer Memory Corruption (MS14-010: CVE-2014-0283)

A Remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...

Microsoft Internet Explorer Memory Corruption (MS14-010; CVE-2014-0284)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...

mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-thunderbird-24.3.0-i486-1slack14.1.txz: Upgraded. This release contains security fixes and improvements. For more...

mozilla-firefox

New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-firefox-24.3.0esr-i486-1slack14.1.txz: Upgraded. This release contains security fixes and improvements. For more...

CVE-2011-4099

The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors...

Slackware 14.0 / 14.1 / current : mozilla-nss (SSA:2014-028-02)

New mozilla-nss packages are available for Slackware 14.0, 14.1, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2014-028-02. The text itself is...

Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : bind (SSA:2014-028-01)

New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2014-028-01. The text itse...

Slackware 14.1 / current : samba (SSA:2014-013-04)

New samba packages are available for Slackware 14.1, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2014-013-04. The text itself is copyright C...

Slackware 14.0 / 14.1 / current : php (SSA:2014-013-03)

New php packages are available for Slackware 14.0, 14.1, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2014-013-03. The text itself is copyright C...

CVE-2013-7276

Cross-site scripting XSS vulnerability in inc/rafform.php in the Recommend to a friend plugin 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the currenturl parameter...

(Mobile Pwn2Own) Apple iOS Safari DocumentOrderedMap Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-thunderbird-24.2.0-i486-1slack14.1.txz: Upgraded. This release contains security fixes and improvements. For more...

Slackware 14.1 / current : mozilla-firefox (SSA:2013-350-04)

New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2013-350-04. The text itself is copyright ...

Slackware 13.1 / 13.37 / 14.0 / 14.1 / current : ruby (SSA:2013-350-06)

New ruby packages are available for Slackware 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2013-350-06. The text itself is...