Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (3017347)

This host is missing an important security update according to Microsoft Bulletin MS14-083. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (3017301)

This host is missing a critical security update according to Microsoft Bulletin MS14-081. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Office Web Apps Remote Code Execution Vulnerabilities (3017301)

This host is missing a critical security update according to Microsoft Bulletin MS14-081. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Microsoft Office CVE-2014-6357 Use After Free Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...

[SECURITY] Fedora 21 Update: jenkins-icon-shim-1.0.4-1.fc21

A "shim" plugin that allows plugins make use of the core icon tag, while still remaining backward compatible with older versions of Jenkins core that do not have the icon tag...

SuSE 11.3 Security Update : compat-openssl097g (SAT Patch Number 10033)

The SLES 9 compatibility package compat-openssl097g received a roll up update fixing various security issues : - Build option no-ssl3 is incomplete. CVE-2014-3568 - Add support for TLSFALLBACKSCSV. CVE-2014-3566 - Information leak in pretty printing functions. CVE-2014-3508 - OCSP bad key DoS...

[SECURITY] Fedora 21 Update: docker-io-1.3.2-2.fc21

Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container...

CVE-2014-8866

The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service host crash via vectors involving altering the high halves of registers while in 64-bit mode...

DEBIAN-CVE-2014-8866

The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service host crash via vectors involving altering the high halves of registers while in 64-bit mode...

CVE-2014-8866

The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service host crash via vectors involving altering the high halves of registers while in 64-bit mode...

Code injection

The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service host crash via vectors involving altering the high halves of registers while in 64-bit mode...

UBUNTU-CVE-2014-8866

The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service host crash via vectors involving altering the high halves of registers while in 64-bit mode...

CVE-2014-8866

The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service host crash via vectors involving altering the high halves of registers while in 64-bit mode...

Excessive checking in compatibility mode hypercall argument translation

ISSUE DESCRIPTION The hypercall argument translation needed for 32-bit guests running on 64-bit hypervisors performs checks on the final register state. These checks cover all registers potentially holding hypercall arguments, not just the ones actually doing so for the hypercall being processed,...

OracleVM 3.1 : xen (OVMSA-2012-0034)

The remote OracleVM system is missing necessary patches to address critical security updates : - Xen Security Advisory CVE-2012-3433 / XSA-11 HVM guest destroy p2m teardown host DoS vulnerability An HVM guest is able to manipulate its physical address space such that tearing down the guest takes ...

Moderate: Red Hat Security Advisory: libvirt security and bug fix update

Updated libvirt packages that fix three security issues and one bug are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

openSUSE Security Update : pidgin (openSUSE-SU-2014:1397-1)

Update to version 2.10.10 : + General : - Check the basic constraints extension when validating SSL/TLS certificates. This fixes a security hole that allowed a malicious man-in-the-middle to impersonate an IM server or any other https endpoint. This affected both the NSS and GnuTLS plugins...

Microsoft Office Compatibility Pack Remote Code Execution Vulnerabilities (3009710)

This host is missing an important security update according to Microsoft Bulletin MS14-069. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

MS14-069: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3009710)

The remote Windows host has a version of Microsoft Office, Office Compatibility Pack, or Microsoft Word Viewer that is affected by one or more vulnerabilities : - A double delete remote code execution vulnerability due to Microsoft Word not properly handling objects in memory while parsing...

CVE-2014-6335

Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted Office document, aka "Microsoft Office Invalid Pointer Remote Code Execution Vulnerability."...