96 matches found
Important: Red Hat Security Advisory: openstack-nova security, bug fix, and enhancement update
Updated openstack-nova packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 6.0. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System...
CVE-2015-0259
CVE-2015-0259 affects OpenStack Compute (Nova) prior to specific revisions (OpenStack Nova before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3) where the websocket origin is not validated. This enables remote attackers to hijack a user’s authenticated session for console access via ...
Fedora Update for owasp-esapi-java FEDORA-2015-0259
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-0259
Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted Office document, aka "Word Memory Corruption Vulnerability."...
CVE-2014-0259
CVE-2014-0259 : Word Memory Corruption Vulnerability affecting Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 via crafted Office documents. Root cause is memory corruption when parsing crafted files, enabling remote code execution and potential DoS. Affected products/themes align with ...
Microsoft Word内存破坏漏洞
BUGTRAQ ID: 64727 CVECAN ID: CVE-2014-0259 Microsoft Word 属于办公软件是微软公司的一个文字处理器应用程序。 受影响Microsoft Word 软件解析特制文件时存在远程代码执行漏洞,成功利用这些漏洞后,可导致完全控制受影响系统。 0 Microsoft Word 2013 Microsoft Word 2010 Microsoft Word 2007 Microsoft Word 2003 临时解决方法: 安装配置MOICE为.doc文件的注册处理程序; 用Office文件阻止策略阻止打开.doc和.dot二进制文件;...
Microsoft SharePoint Server Remote Code Execution Vulnerability (2916605)
This host is missing an important security update according to Microsoft Bulletin MS14-001. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...
Oracle Linux 6 : ImageMagick (ELSA-2012-0544)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0544 advisory. - Add fix for CVE-2010-4167 - Add fix for CVE-2012-0247 CVE-2012-0248 CVE-2012-1185 CVE-2012-1186 Tenable has extracted the preceding description block...
Oracle Linux 5 : ImageMagick (ELSA-2012-0545)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0545 advisory. - Add fix for CVE-2012-0247 CVE-2012-0248 CVE-2012-1185 CVE-2012-1186 - Add fix for CVE-2012-0259 CVE-2012-0260 CVE-2012-1798 Tenable has extracted the...
CVE-2013-0259
The CVE-2013-0259 entry concerns Drupal’s contributed Boxes module (7.x-1.x) with versions prior to 7.x-1.1. The vulnerability is Cross-site scripting (XSS) that enables remote authenticated users who have administer or edit boxes permissions to inject arbitrary web script or HTML via the subject...
SA-CONTRIB-2013-013 - Boxes - Cross site scripting (XSS)
The subject field for the included simple box doesn't escape HTML properly. This vulnerability is mitigated by the fact that an attacker must have a role with the permission to administer/edit boxes. Wikipedia has more information about cross site scripting XSS. CVE identifiers issued CVE-2013-02...
Fedora Update for ImageMagick FEDORA-2012-11746
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
FreeBSD Ports: ImageMagick
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Mandriva Update for imagemagick MDVSA-2012:077 (imagemagick)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
SuSE 10 Security Update : ImageMagick (ZYPP Patch Number 8104)
This update of ImageMagick fixes multiple security vulnerabilities that could have been exploited by attackers via specially crafted image files : - Integer overflow when processing EXIF directory entries with tags of e.g. format 5 EXIFFMTURATIONAL and a large components count. CVE-2012-0259 /...
CVE-2012-0259
The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service crash via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read...
Integer overflow
Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service out-of-bounds read via a large component count for certain EXIF tags in a JPEG image. NOTE: this vulnerability exists because of an incomplete f...
CVE-2012-1610
Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service out-of-bounds read via a large component count for certain EXIF tags in a JPEG image. NOTE: this vulnerability exists because of an incomplete f...
CVE-2012-0259
CVE-2012-0259 affects ImageMagick where the GetEXIFProperty function (magick/property.c) is vulnerable when processing JPEG EXIF XResolution tags. In ImageMagick versions before 6.7.6-3, a zero value in the component count can trigger an out-of-bounds read, leading to a denial of service (crash)....
Moderate: Red Hat Security Advisory: ImageMagick security update
Updated ImageMagick packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...