Lucene search
+L

163 matches found

debian
debian
added 2008/10/12 9:37 a.m.26 views

[SECURITY] [DSA 1652-1] New ruby1.9 packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1652-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 12, 2008 http://www.debian.org/security/faq -...

7.8CVSS7.4AI score0.70202EPSS
Exploits8
debian
debian
added 2008/10/12 9:36 a.m.49 views

[SECURITY] [DSA 1651-1] New ruby1.8 packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1651-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 12, 2008 http://www.debian.org/security/faq -...

7.8CVSS7.4AI score0.70202EPSS
Exploits8
osv
osv
added 2008/10/12 12:0 a.m.32 views

DSA-1651-1 ruby1.8 - several vulnerabilities

Bulletin has no description...

7.8CVSS7AI score0.70202EPSS
Exploits8
osv
osv
added 2008/10/12 12:0 a.m.34 views

DSA-1652-1 ruby1.9 - several vulnerabilities

Bulletin has no description...

7.8CVSS7AI score0.70202EPSS
Exploits8
nessus
nessus
added 2008/10/10 12:0 a.m.75 views

Fedora 9 : ruby-1.8.6.287-2.fc9 (2008-8738)

Update to new upstream release fixing multiple security issues detailed in the upstream advisories: http://www.ruby-lang.org/en/news/2008/08/08/multiple- vulnerabilities-in-ruby/ - CVE-2008-3655 - multiple insufficient safe mode restrictions - CVE-2008-3656 - WEBrick DoS vulnerability CPU...

7.8CVSS6.7AI score0.95182EPSS
Exploits30References16
nessus
nessus
added 2008/10/10 12:0 a.m.38 views

Fedora 8 : ruby-1.8.6.287-2.fc8 (2008-8736)

Update to new upstream release fixing multiple security issues detailed in the upstream advisories: http://www.ruby-lang.org/en/news/2008/08/08/multiple- vulnerabilities-in-ruby/ - CVE-2008-3655 - multiple insufficient safe mode restrictions - CVE-2008-3656 - WEBrick DoS vulnerability CPU...

7.8CVSS6.7AI score0.70202EPSS
Exploits9References15
openvas
openvas
added 2008/09/24 12:0 a.m.23 views

Gentoo Security Advisory GLSA 200804-20 (sun-jdk, sun-jre-bin, emul-linux-x86-java)

The remote host is missing updates announced in advisory GLSA 200804-20. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.2AI score0.18185EPSS
Exploits4References9
openvas
openvas
added 2008/09/24 12:0 a.m.23 views

Gentoo Security Advisory GLSA 200806-11 (ibm-jdk-bin ibm-jre-bin)

The remote host is missing updates announced in advisory GLSA 200806-11. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.2AI score0.18185EPSS
Exploits4References5
openvas
openvas
added 2008/09/04 12:0 a.m.23 views

FreeBSD Ports: ruby, ruby+pthreads, ruby+pthreads+oniguruma, ruby+oniguruma

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.8CVSS6.8AI score0.70202EPSS
Exploits6References2
nessus
nessus
added 2008/08/17 12:0 a.m.37 views

FreeBSD : ruby -- DoS vulnerability in WEBrick (f7ba20aa-6b5a-11dd-9d79-001fc61c2a55)

The official ruby site reports : WEBrick::HTTP::DefaultFileHandler is faulty of exponential time taking requests due to a backtracking regular expression in WEBrick::HTTPUtils.splitheadervalue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

7.8CVSS6.6AI score0.70202EPSS
Exploits6References5
nvd
nvd
added 2008/08/13 1:41 a.m.20 views

CVE-2008-3655

Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not properly restrict access to critical variables and methods at various safe levels, which allows context-dependent attackers to bypass intended access restrictions via 1 untracevar, 2...

7.5CVSS6.7AI score0.14085EPSS
Exploits1References32
cvelist
cvelist
added 2008/08/13 1:0 a.m.24 views

CVE-2008-3655

Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not properly restrict access to critical variables and methods at various safe levels, which allows context-dependent attackers to bypass intended access restrictions via 1 untracevar, 2...

6.7AI score0.14085EPSS
Exploits1References32
cve
cve
added 2008/08/13 1:0 a.m.101 views

CVE-2008-3655

CVE-2008-3655 affects Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423. It does not properly restrict access to critical variables and methods at various safe levels, allowing context‑dependent attackers to bypass access restrictions via (1) untrac...

7.5CVSS6.8AI score0.14085EPSS
Exploits1References32Affected Software1
ubuntucve
ubuntucve
added 2008/08/12 12:0 a.m.32 views

CVE-2008-3655

Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not properly restrict access to critical variables and methods at various safe levels, which allows context-dependent attackers to bypass intended access restrictions via 1 untracevar, 2...

7.5CVSS7.1AI score0.14085EPSS
Exploits1References2
nessus
nessus
added 2008/04/22 12:0 a.m.252 views

GLSA-200804-20 : Sun JDK/JRE: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200804-20 Sun JDK/JRE: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Sun Java: Daniel Soeder discovered that a long codebase attribute string in a JNLP file will overflow a stack variable when launched ...

10CVSS9AI score0.18185EPSS
Exploits4References29
gentoo
gentoo
added 2008/04/17 12:0 a.m.72 views

Sun JDK/JRE: Multiple vulnerabilities

Background The Sun Java Development Kit JDK and the Sun Java Runtime Environment JRE provide the Sun Java platform. Description Multiple vulnerabilities have been discovered in Sun Java: Daniel Soeder discovered that a long codebase attribute string in a JNLP file will overflow a stack variable...

10CVSS10AI score0.18185EPSS
Exploits4
nessus
nessus
added 2007/12/17 12:0 a.m.49 views

Mac OS X : Java for Mac OS X 10.4 Release 6

The remote Mac OS X 10.4 host is running a version of Java for Mac OS X that is older than release 6. The remote version of this software contains several security vulnerabilities that may allow a rogue Java applet to escalate its privileges and to add or remove arbitrary items from the user's...

10CVSS7.5AI score0.18185EPSS
Exploits7References17
nessus
nessus
added 2007/12/13 12:0 a.m.48 views

SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 4544)

The IBM Java JRE/SDK has been brought to release 1.5.0 SR5a, containing several bugfixes, including the following security fixes : - A buffer overflow vulnerability in the image parsing code in the JavaTM Runtime Environment may allow an untrusted applet or application to elevate its privileges...

6.8CVSS6AI score0.18185EPSS
Exploits2References10
cve
cve
added 2007/07/10 7:0 p.m.191 views

CVE-2007-3655

CVE-2007-3655 is a stack-based buffer overflow in javaws.exe (Sun Java Web Start) within JRE 5.0 Update 11 and earlier and 6.0 Update 1 and earlier. An attacker could remotely exploit a long codebase attribute in a JNLP file to execute arbitrary code. Red Hat advisories indicate this CVE was addr...

6.8CVSS7.6AI score0.12273EPSS
Exploits2References29Affected Software1
cve
cve
added 2006/07/17 7:0 p.m.55 views

CVE-2006-3655

CVE-2006-3655, CVE-2006-3656, and related CVEs concern Microsoft PowerPoint 2003. The connected sources describe an attacker-assisted exploit via crafted PowerPoint files affecting PowerPoint 2003 (PowerPoint’s PowerPoint parsing/mso.dll and powerpnt.exe) that can lead to arbitrary code execution...

5.1CVSS7AI score0.20891EPSS
Exploits1References8Affected Software1
Rows per page
Query Builder