123 matches found
CVE-2014-0867
rcore6/main/addcookie.jsp in RICOS in IBM Algo Credit Limits aka ACLM 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to create or modify cookies via the query string...
CVE-2014-0867
CVE-2014-0867 affects IBM Algo Credit Limits (RICOS) Web GUI, specifically rcore6/main/addcookie.jsp. The root cause is that a page in ACLM Web GUI could set/overwrite cookies for a user via manipulated links, enabling Cross-Site Cookie Setting. Affected versions are IBM Algo Credit Limits 4.5.0–...
IBM Algorithmics RICOS 4.5.0 - 4.7.0 - Multiple Vulnerabilities
No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SEC Consult Vulnerability Lab Security Advisory 20140630-0 ======================================================================= title: Multiple severe vulnerabilities product: IBM Algorithmics RICOS vulnerable...
IBM Algorithmics RICOS 4.5.0 4.7.0 - Multiple Vulnerabilities
IBM Algorithmics RICOS 4.5.0 4.7.0 - Multiple Vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple severe vulnerabilities product: IBM Algorithmics RICO...
openSUSE Security Update : java-1_6_0-sun (openSUSE-SU-2011:0633-1)
Oracle Java 6 Update 26 fixes several security vulnerabilities. Please refer to Oracle's site for further information: http://www.oracle.com/technetwork/topics/security/javacpujun e2011-313339.html CVE-2011-0862, CVE-2011-0873, CVE-2011-0815, CVE-2011-0817, CVE-2011-0863, CVE-2011-0864,...
openSUSE Security Update : postgresql (openSUSE-SU-2012:1173-1)
Postgresql was updated to the security and bugfix release 9.1.3 : - Require execute permission on the trigger function for 'CREATE TRIGGER' CVE-2012-0866, bnc749299. - Remove arbitrary limitation on length of common name in SSL certificates CVE-2012-0867, bnc749301. - Convert newlines to spaces i...
openSUSE Security Update : java-1_6_0-sun (openSUSE-SU-2011:0633-1)
Oracle Java 6 Update 26 fixes several security vulnerabilities. Please refer to Oracle's site for further information: http://www.oracle.com/technetwork/topics/security/javacpujun e2011-313339.html CVE-2011-0862, CVE-2011-0873, CVE-2011-0815, CVE-2011-0817, CVE-2011-0863, CVE-2011-0864,...
openSUSE Security Update : postgresql (openSUSE-SU-2012:0480-1)
Security and bugfix release 9.1.3 : - Require execute permission on the trigger function for 'CREATE TRIGGER' CVE-2012-0866, bnc749299. - Remove arbitrary limitation on length of common name in SSL certificates CVE-2012-0867, bnc749301. - Convert newlines to spaces in names written in pgdump...
Site-Assistant menu.php pathsversion Parameter PHP Code Execution - Ver2 (CVE-2007-0867)
A remote code execution vulnerability has been reported in Site-assistant. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Site-Assistant menu.php pathsversion Parameter PHP Code Execution - Ver2 (CVE-2007-0867)
A remote code execution vulnerability has been reported in Site-assistant. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2013-0867
The decodesliceheader function in libavcodec/h264.c in FFmpeg before 1.1.2 does not properly check when the pixel format changes, which allows remote attackers to have unspecified impact via crafted H.264 video data, related to an out-of-bounds array access...
CVE-2013-0867
FFmpeg vulnerability CVE-2013-0867: the decode_slice_header function in libavcodec/h264.c before 1.1.2 does not properly validate when the pixel format changes, allowing a remote attacker to trigger an unspecified impact via crafted H.264 video data, related to an out-of-bounds array access. Affe...
Amazon Linux AMI : postgresql8 (ALAS-2012-82)
The pgdump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by a SQL command. This SQL command might then be executed by a privileged user during later restore of the...
Gentoo Security Advisory GLSA 201209-24 (PostgreSQL)
The remote host is missing updates announced in advisory GLSA 201209-24. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Scientific Linux Security Update : java (jdk 1.6.0) on SL4.x, SL5.x i386/x86_64
This update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. Further information about these flaws can be found on the 'Oracle Java SE Critical Patch Update Advisory' page CVE-2011-0802, CVE-2011-0814, CVE-2011-0862, CVE-2011-0863,...
Scientific Linux Security Update : postgresql and postgresql84 on SL5.x, SL6.x i386/x86_64 (20120521)
PostgreSQL is an advanced object-relational database management system DBMS. The pgdump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by a SQL command. This SQL comma...
CentOS Update for postgresql84 CESA-2012:0678 centos5
Check for the Version of postgresql84 OpenVAS Vulnerability Test CentOS Update for postgresql84 CESA-2012:0678 centos5 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...
CentOS Update for postgresql CESA-2012:0678 centos6
Check for the Version of postgresql OpenVAS Vulnerability Test CentOS Update for postgresql CESA-2012:0678 centos6 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
CentOS Update for postgresql CESA-2012:0678 centos6
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for postgresql FEDORA-2012-8893
Check for the Version of postgresql OpenVAS Vulnerability Test Fedora Update for postgresql FEDORA-2012-8893 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...