7633 matches found
ZippyYum 3.4 Insecure Data Storage
Title: CVE-2013-6986 Insecure Data Storage in Subway Ordering for California ZippyYum 3.4 iOS mobile application Published: DATE Reported to Vendor: May 2013 CVE Reference: CVE-2013-6986 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6986 CVSS v2 Base Score: 4.9 CVSS v2 Vector...
[slackware-security] seamonkey
New seamonkey packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/seamonkey-2.22.1-i486-1slack14.1.txz: Upgraded. This update contains security fixes and improvements. For more information,...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-thunderbird-24.1.1-i486-1slack14.1.txz: Upgraded. This release contains security fixes and...
[slackware-security] mozilla-nss
New mozilla-nss packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-nss-3.15.3-i486-1slack14.1.txz: Upgraded. This update contains security fixes and improvements. For more...
Microsoft Internet Explorer CTreePos Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft Internet Explorer CHTMLEditor Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2013-4482
Untrusted search path vulnerability in python-paste-script aka paster in Luci 0.26.0, when started using the initscript, allows local users to gain privileges via a Trojan horse .egg-info file in the 1 current working directory or 2 its parent directories...
Design/Logic Flaw
Untrusted search path vulnerability in python-paste-script aka paster in Luci 0.26.0, when started using the initscript, allows local users to gain privileges via a Trojan horse .egg-info file in the 1 current working directory or 2 its parent directories...
IT-Grundschutz M4.305: Einsatz von Speicherbeschränkungen (Quotas)
IT-Grundschutz M4.305: Einsatz von Speicherbeschränkungen Quotas. ACHTUNG: Dieser Test wird nicht mehr unterstützt. Er wurde ersetzt durch den entsprechenden Test der nun permanent and die aktuelle EL angepasst wird: OID 1.3.6.1.4.1.25623.1.0.94230 Stand: 13. Ergänzungslieferung 13. EL...
[slackware-security] openssh
New openssh packages are available for Slackware 14.1 and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/openssh-6.4p1-i486-1slack14.1.txz: Upgraded. sshd8: fix a memory corruption problem triggered during rekeying when an AES-GCM cipher...
Slackware 14.1 / current : openssh (SSA:2013-322-02)
New openssh packages are available for Slackware 14.1 and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2013-322-02. The text itself is copyright C...
Slackware 13.37 / 14.0 / current : mozilla-thunderbird (SSA:2013-307-01)
New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2013-307-01. The text itself i...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/mozilla-thunderbird-17.0.10esr-i486-1slack14.0.txz: Upgraded. This release contains security fixes and...
[slackware-security] libtiff
New libtiff packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/libtiff-3.9.7-i486-1slack14.0.txz: Upgraded. Patched overflows, crashes, and out of bounds writes...
[slackware-security] xpdf (SSA:2013-233-02)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security xpdf SSA:2013-233-02 New xpdf packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+...
Microsoft Internet Explorer Memory Corruption (MS13-080: CVE-2013-3874)
A Remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...
Microsoft Internet Explorer CAnchorElement Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft Internet Explorer HtmlLayout::SmartObject Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Slackware 14.0 / current : seamonkey (SSA:2013-271-01)
New seamonkey packages are available for Slackware 14.0 and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2013-271-01. The text itself is copyright C...
[slackware-security] seamonkey
New seamonkey packages are available for Slackware 14.0 and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/seamonkey-2.21-i486-1slack14.0.txz: Upgraded. This update contains security fixes and improvements. For more information, see:...