Moderate: Red Hat Security Advisory: nss, nspr, nss-softokn, and nss-util security, bug fix, and enhancement update

An update for nss, nspr, nss-softokn, and nss-util is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

The vulnerability of the Microsoft Office Compatibility Pack, the Microsoft Excel spreadsheet editor, the Microsoft SharePoint Foundation email software, and the Microsoft SharePoint Designer HTML editor allows a perpetrator to execute arbitrary code.

The vulnerability of the Microsoft Office Compatibility Pack, the Microsoft Excel spreadsheet editor, and the Microsoft SharePoint Foundation email software, as well as the Microsoft SharePoint Designer HTML editor, is due to buffer overflow attacks. Exploitation of this vulnerability could allow...

The vulnerability of the Microsoft Office Compatibility Pack, the Microsoft Excel Viewer for electronic spreadsheet viewing, the Microsoft Excel spreadsheet editor, and the Word For Mac text editor allows a perpetrator to execute arbitrary code.

The vulnerability of the Microsoft Office Compatibility Pack, the Microsoft Excel Viewer for electronic spreadsheet viewing, the Microsoft Excel spreadsheet editor, and the Word For Mac text editor is due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute...

Ubuntu 14.04 LTS : Firefox regressions (USN-2917-3)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2917-3 advisory. USN-2917-1 fixed vulnerabilities in Firefox. This update caused several web compatibility regressions. This update fixes the problem. We apologize for the...

Windows Packet Sniffing Library: Npcap

Nmap Project’s packet sniffing library for Windows, based on WinPcap/Libpcap improved with NDIS 6 and LWF Npcap is an update of WinPcap to NDIS 6 Light-Weight Filter LWF .aspx technique. It supports Windows Vista, 7, 8 and 10. It is sponsored but not officially supported by the Nmap Project and...

USN-2917-3: Firefox regressions

USN-2917-1 fixed vulnerabilities in Firefox. This update caused several web compatibility regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Francis Gabriel discovered a buffer overflow during ASN.1 decoding in NSS. If a user were tricked in...

Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (3148775)

This host is missing a critical security update according to Microsoft Bulletin MS16-042. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2016-0127

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Serve...

CVE-2016-0122

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Word 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."...

Memory corruption

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Serve...

Memory corruption

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Word 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."...

Memory corruption

Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption...

Microsoft Office CVE-2016-0127 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-431)

This update for java-170-openjdk fixes the following issues : java-170-openjdk was updated to 2.6.5 - OpenJDK 7u99 boo972468 - Security fixes - S8152335, CVE-2016-0636: Improve MethodHandle consistency - Import of OpenJDK 7 u99 build 0 - S6425769, PR2858: Allow specifying an address to bind JMX...

nss, nss-util, and nspr security, bug fix, and enhancement update

nspr 4.11.0-0.1 - Rebase to NSPR 4.11 nss 3.21.0-0.3.0.1 - Added nss-vendor.patch to change vendor 3.21.0-0.3 - Ensure all ssl.sh tests are executed 3.21.0-0.2 - Ensure abi compatibility 3.21.0-0.1 - Rebase to NSS-3.21 nss-util 3.21.0-0.3 - Rebase RHEL 6.7.z to NSS-util 3.21 in preparation for...

Sixaxis Compatibility Checker - Exported components, Possible privilege escalation, Runtime command execution vulnerabilities

HackApp vulnerability scanner discovered that application Sixaxis Compatibility Checker published at the 'play' market has multiple vulnerabilities...

Kautilya - Tool for easy use of Human Interface Devices for offensive security and penetration testing

Kautilya is a toolkit which provides various payloads for a Human Interface Device which may help in breaking in a computer during penetration tests. List of Payloads Windows Gather Gather Information Hashdump and Exfiltrate Keylog and Exfiltrate Sniffer WLAN keys dump Get Target Credentials Dump...

Vulnerability of Microsoft Word, the corporate application suite Microsoft SharePoint Server, the Microsoft Office Compatibility Pack, the Office Web Apps Server, and the Microsoft Office programs, which allow a perpetrator to execute arbitrary code.

The vulnerabilities of Microsoft Word, the Microsoft SharePoint Server corporate application suite, the Microsoft Office Compatibility Pack, the Office Web Apps Server web server, and the Microsoft Office software packages are caused by buffer overflows. Exploitation of these vulnerabilities can...

Machinae - Security Intelligence Collector

Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data: IP addresses, domain names, URLs, email addresses, file hashes and SSL fingerprints. It was inspired by Automater , another excellent tool for collecting information. The Machinae...

Memory corruption

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, and Web Apps Server...