221 matches found
Debian: Security Advisory (DSA-3192-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
APPLE-SA-2015-01-27-3 Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-01-27-3 Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3 Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3 are now available and address the following: WebKit Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10...
Mac OS X : Apple Safari < 6.2.3 / 7.1.3 / 8.0.3 Multiple Vulnerabilities
The version of Apple Safari installed on the remote Mac OS X host is prior to 6.2.3 / 7.1.3 / 8.0.3. It is, therefore, affected by multiple memory corruption issues in WebKit. A remote attacker, using a specially crafted website, can exploit these to execute arbitrary code. C Tenable Network...
Google Chrome Multiple Vulnerabilities - 01 (Oct 2014) - Linux
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
Google Chrome Multiple Vulnerabilities - 01 (Oct 2014) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
Ubuntu: Security Advisory (USN-2345-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Google Chrome < 38.0.2125.104 Multiple Vulnerabilities
Binary data 8551.pasl...
USN-2345-1: Oxide vulnerabilities
Multiple use-after-free issues were discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process...
Critical: Red Hat Security Advisory: chromium-browser security update
Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
RHEL 6 : chromium-browser (RHSA-2014:1626)
Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
Amazon Linux AMI : httpd (ALAS-2011-1)
The Apache HTTP Server is a popular web server. A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially crafted Range header...
FreeBSD : chromium -- multiple vulnerabilities (d2bbcc01-4ec3-11e4-ab3f-00262d5ed8ee)
Google Chrome Releases reports : 159 security fixes in this release, including 113 found using MemorySanitizer : - 416449 Critical CVE-2014-3188: A special thanks to Juri Aedla for a combination of V8 and IPC bugs that can lead to remote code execution outside of the sandbox. - 398384 High...
CVE-2014-3192
Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other...
CVE-2014-3192
CVE-2014-3192 is a use-after-free in the Blink DOM implementation (ProcessingInstruction::setXSLStyleSheet) that affects Google Chrome before 38.0.2125.101. The vulnerability can lead to remote denial of service or possibly unspecified impact via unknown vectors. The initial description specifies...
CVE-2014-3192
Removed by vendor...
CVE-2014-3192
Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other...
Apache HTTP Server Denial of Service
No description provided by source. / This is a reverse engineered version of the exploit for CVE-2011-3192 made by ev1lut10n http://jayakonstruksi.com/backupintsec/rapache.tgz. Copyright 2011 Ramon de C Valle [email protected] Compile with the following command: gcc -Wall -pthread -o...
openSUSE Security Update : apache2 (openSUSE-SU-2011:1217-1)
This update fixes several security issues in the Apache webserver. The patch for the ByteRange remote denial of service attack CVE-2011-3192 was refined and the configuration options used by upstream were added. Introduce new config option: Allow MaxRanges Number of ranges requested, if exceeded,...
openSUSE Security Update : apache2 (openSUSE-SU-2011:0993-1)
This update fixes a remote denial of service bug memory exhaustion in the Apache 2 HTTP server, that could be triggered by remote attackers using multiple overlapping Request Ranges . CVE-2011-3192 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...
openSUSE Security Update : apache2 (openSUSE-SU-2011:0993-1)
This update fixes a remote denial of service bug memory exhaustion in the Apache 2 HTTP server, that could be triggered by remote attackers using multiple overlapping Request Ranges . CVE-2011-3192 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...