Design/Logic Flaw

The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash via vectors related to "insufficient class checking" in the Date class...

Mozilla crash with evidence of memory corruption

The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash via vectors related to "insufficient class checking" in the Date class...

Mozilla crash with evidence of memory corruption

The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash via vectors related to "insufficient class checking" in the Date class...

openSUSE 10 Security Update : kernel (kernel-5751)

This kernel update fixes various bugs and also several security issues : CVE-2008-4576: Fixed a crash in SCTP INIT-ACK, on mismatch between SCTP AUTH availability. This might be exploited remotely for a denial of service crash attack. CVE-2008-3833: The genericfilesplicewrite function in...

Adobe Reader/Acrobat Multiple Vulnerabilities (APSB08-19) - Linux

Adobe Reader/Acrobat is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobatreader";...

Debian Security Advisory DSA 1656-1 (cupsys)

The remote host is missing an update to cupsys announced via advisory DSA 1656-1. OpenVAS Vulnerability Test $Id: deb16561.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1656-1 cupsys Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Update Protection against CA Multiple Products ActiveX Control Buffer Overflow Vulnerability

A vulnerability was reported in multiple Computer Associates CA products. These products are all intended for enhancing corporate and client security. The vulnerability is due to insufficient boundary checking in the parameters passed to the affected ActiveX control installed by the products list...

openSUSE 10 Security Update : kernel (kernel-5700)

The openSUSE 10.3 kernel was update to 2.6.22.19. This includes bugs and security fixes. CVE-2008-4576: Fixed a crash in SCTP INIT-ACK, on mismatch between SCTP AUTH availability. This might be exploited remotely for a denial of service crash attack. CVE-2008-3528: The ext234 filesystem code fail...

DSA-1656-1 cupsys - several vulnerabilities

Bulletin has no description...

Nuke ET 3.4 - FCKeditor Arbitrary File Upload

Nuke ET 3.4 - FCKeditor Arbitrary File Upload ?php / --------------------------------------------------------------- Nuke ET = 3.4 fckeditor Remote Arbitrary File Upload Exploit --------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom...

VLC Media Player XSPF Playlist Memory Corruption Vulnerability (Linux)

This host is installed with VLC Media Player and is prone to Memory Corruption Vulnerability. OpenVAS Vulnerability Test $Id: gbvlcmediaplayermemcrptnvulnlin.nasl 5158 2017-02-01 14:53:04Z mime $ VLC Media Player XSPF Playlist Memory Corruption Vulnerability Linux Authors: Veerendra GG Copyright:...

Important: Red Hat Security Advisory: cups security update

Updated cups packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The Common UNIX Printing System CUPS provides a portable printing layer for UNI...

CentOS 3 / 4 / 5 : cups (CESA-2008:0937)

Updated cups packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The Common UNIX Printing System CUPS provides a portable printing layer for UNI...

Apple CUPS HP-GL/2 Filter Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple CUPS. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Hewlett-Packard Graphics Language filter. Inadequate bounds checking on the pen width and p...

[SECURITY] Fedora 9 Update: pam_krb5-2.3.0-2.fc9

This is pamkrb5, a pluggable authentication module that can be used with Linux-PAM and Kerberos 5. This module supports password checking, ticket creation, and optional TGT verification and conversion to Kerberos IV ticke ts. The included pamkrb5afs module also gets AFS tokens if so configured...

CVE-2008-3637

The Hash-based Message Authentication Code HMAC provider in Java on Apple Mac OS X 10.4.11, 10.5.4, and 10.5.5 uses an uninitialized variable, which allows remote attackers to execute arbitrary code via a crafted applet, related to an "error checking issue."...

Gentoo Security Advisory GLSA 200711-16 (cups)

The remote host is missing updates announced in advisory GLSA 200711-16. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200711-16 (cups)

The remote host is missing updates announced in advisory GLSA 200711-16. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ZDI-08-057: Apple QuickTime IV32 Codec Parsing Stack Overflow Vulnerability

ZDI-08-057: Apple QuickTime IV32 Codec Parsing Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-057 September 9, 2008 -- CVE ID: CVE-2008-3635 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- Vulnerability Details: This vulnerability allows...

Apple QuickTime IV32 Codec Parsing Stack Overflow Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of QuickTim...