145 matches found
Oracle: Security Advisory (ELSA-2008-0897)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2012-0017)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 201507-10
Gentoo Linux Local Security Checks GLSA 201507-10 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
GLSA-201507-10 : t1utils: Arbitrary code execution
The remote host is affected by the vulnerability described in GLSA-201507-10 t1utils: Arbitrary code execution t1utils has a buffer overflow in the setcsstart function in t1disasm.c. Impact : A remote attacker could cause a denial of service and possibly execute arbitrary code via a crafted font...
Amazon Linux: Security Advisory (ALAS-2012-36)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-256-1 : t1utils security update
Jakub Wilk found a vulnerability in the Type 1 font manipulation programs, t1utils : CVE-2015-3905 Buffer overflow in the setcsstart function in t1disasm.c in t1utils before 1.39 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted font file...
Medium: t1utils
Issue Overview: A buffer overflow flaw was found in the way t1utils processed, for example, certain PFB Printer Font Binary files. An attacker could use this flaw to potentially execute arbitrary code by tricking a user into processing a specially crafted PFB file with t1utils. Affected Packages:...
CVE-2015-3905
Buffer overflow in the setcsstart function in t1disasm.c in t1utils before 1.39 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted font file...
CVE-2015-3905
The CVE-2015-3905 vulnerability affects t1utils (Type 1 font manipulation tools). A buffer overflow in set_cs_start (in t1disasm.c) before version 1.39 can allow a remote attacker to crash the process or possibly execute arbitrary code via a crafted font file. Affected releases include t1utils be...
[USN-2627-1] t1utils vulnerability
========================================================================== Ubuntu Security Notice USN-2627-1 June 03, 2015 t1utils vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
UBUNTU-CVE-2015-3905
Buffer overflow in the setcsstart function in t1disasm.c in t1utils before 1.39 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted font file...
CVE-2014-3905
The CVE-2014-3905 issue affects tenfourzero Shutter version 0.1.4. It is described as a cross-site scripting (XSS) vulnerability that could allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. The included sources indicate that an administrator viewing a maliciou...
openSUSE Security Update : v8 / chromium (openSUSE-2011-93)
Chromium update to to 18.0.972 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2011-93. The text description of this plugin is C SUSE LLC. include'deprecatednasllevel.inc';...
CVE-2014-0721
The Cisco Unified SIP Phone 3905 with firmware before 9.41 allows remote attackers to obtain root access via a session on the test interface on TCP port 7870, aka Bug ID CSCuh75574...
CVE-2014-0721
The CVE-2014-0721 entry concerns the Cisco Unified SIP Phone 3905 with firmware before 9.4(1). The vulnerability stems from an undocumented test interface exposed on TCP port 7870, which an unauthenticated, remote attacker could use to gain root-level access to the device. Impact stated in source...
CVE-2013-3905
CVE-2013-3905 affects Microsoft Outlook components on Windows: Outlook 2007 SP3, 2010 SP1/SP2, 2013, and 2013 RT. The flaw is in how S/MIME certificate metadata is expanded, allowing remote attackers to obtain sensitive network configuration and state information by presenting a crafted S/MIME ce...
MS13-094: Vulnerability in Microsoft Outlook Could Allow Information Disclosure (2894514)
The Outlook component of Microsoft Office is affected by an information disclosure vulnerability due to a flaw in how Outlook parses S/MIME messages. It is possible for a remote attacker to exploit the vulnerability if a user opens or previews a specially crafted email in an affected version of...
ESXi 5.0 < Build 764879 Multiple Vulnerabilities (remote check)
The remote VMware ESXi 5.0 host is affected by the following security vulnerabilities : - Errors exist in the Libxml2 library functions 'xmlXPathNextPrecedingSibling', 'xmlNodePtr' and 'xmlXPathNextPrecedingInternal' that could allow denial of service attacks or arbitrary code execution...
Microsoft Outlook MIME Email Message Parsing Remote Code Execution (MS13-068; CVE-2013-3870; CVE-2013-3905)
A remote code execution vulnerability exists in Microsoft Office Outlook email client...
Amazon Linux AMI : libxml2 (ALAS-2012-36)
A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrar...