107 matches found
CVE-2017-2249
Untrusted search path vulnerability in Self-extracting archive files created by Lhaz+ version 3.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2017-2249
The CVE-2017-2249 entry concerns an Untrusted search path vulnerability in Self-extracting archive files created by Lhaz+ (up to version 3.4.0). An attacker can gain privileges by placing a Trojan horse DLL in an unspecified directory, enabling code execution with the caller’s privileges when the...
JVN#21369452: Installers of Lhaz and Lhaz+, and Self-Extracting Archives created by Lhaz or Lhaz+ may insecurely load Dynamic Link Libraries
Lhaz and Lhaz+ provided by Chitora soft contain the following vulnerabilities. Installers of Lhaz and Lhaz+ insecurely load Dynamic Link Libraries CWE-427 - CVE-2017-2246, CVE-2017-2248 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H| Base Score: 7.8 CVSS...
CVE-2016-2249
CVE-2016-2249 entry is rejected/not used.
CVE-2016-2249
...
Oracle: Security Advisory (ELSA-2010-0534)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2249-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : OpenStack Heat vulnerability (USN-2249-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2249-1 advisory. Jason Dunsmore discovered that OpenStack heat did not properly restrict access to template information. A remote authenticated attacker could exploit this to see...
Siemens SIMATIC S7-1200多个漏洞
CVE ID: CVE-2014-2249,CVE-2014-2250,CVE-2014-2252,CVE-2014-2254,CVE-2014-2256,CVE-2014-2258 SIMATIC S7-1200是可编程控制器,可实现简单却高度精确的自动化任务。 Siemens SIMATIC S7-1200 4.0.0之前版本在实现上存在多个漏洞,可被恶意利用执行跨站请求伪造、劫持用户会话、造成拒绝服务。 1、向TCP端口443发送特制的数据包造成的错误可造成设备进入defect模式。 2、随机生成器内弱熵相关错误,可导致劫持另外用户的会话。...
CVE-2014-2249
CVE-2014-2249 is a CSRF vulnerability in Siemens SIMATIC S7-1500 (< v1.5) and S7-1200 (
CVE-2012-2249
Tor before 0.2.3.23-rc allows remote attackers to cause a denial of service assertion failure and daemon exit via a renegotiation attempt that occurs after the initiation of the V3 link protocol...
CVE-2012-2249
The CVE-2012-2249 entry concerns Tor prior to 0.2.3.23-rc, where a denial-of-service is triggered by a renegotiation attempt after the V3 link protocol is initiated. The underlying effect is an assertion failure that causes the daemon to exit. Public references consistently state the vulnerabilit...
Fedora Update for httpd FEDORA-2013-13994
Check for the Version of httpd OpenVAS Vulnerability Test Fedora Update for httpd FEDORA-2013-13994 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
Fedora Update for httpd FEDORA-2013-13922
Check for the Version of httpd OpenVAS Vulnerability Test Fedora Update for httpd FEDORA-2013-13922 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
Fedora Update for httpd FEDORA-2013-13994
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 18 : httpd-2.4.6-2.fc18 (2013-13922)
This update contains the latest release of the Apache HTTP Server, version 2.4.6. Two security issues are resolved in this update : - moddav: Sending a MERGE request against a URI handled by moddavsvn could trigger a segfault. CVE-2013-1896 - modsessiondbd: Make sure that dirty flag is respected...
Fedora 19 : httpd-2.4.6-2.fc19 (2013-13994)
This update contains the latest release of the Apache HTTP Server, version 2.4.6. Two security issues are resolved in this update : - moddav: Sending a MERGE request against a URI handled by moddavsvn could trigger a segfault. CVE-2013-1896 - modsessiondbd: Make sure that dirty flag is respected...
Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : httpd (SSA:2013-218-02)
New httpd packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2013-218-02. The tex...
[slackware-security] httpd
New httpd packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/httpd-2.4.6-i486-1slack14.0.txz: Upgraded. This update addresses two security issues: SECURITY:...
Updated apache packages fix security vulnerabilities
Updated apache packages fix security vulnerabilities: moddav.c in the Apache HTTP Server before 2.4.6 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is configured for...