Memory corruption

Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted Office document, aka "Word Memory Corruption Vulnerability."...

Memory corruption

Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office Compatibility Pack SP3; Word Viewer; SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers to execute arbitrary code or cause a denial of...

CVE-2014-0259

CVE-2014-0259 : Word Memory Corruption Vulnerability affecting Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 via crafted Office documents. Root cause is memory corruption when parsing crafted files, enabling remote code execution and potential DoS. Affected products/themes align with ...

CVE-2014-0259

Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted Office document, aka "Word Memory Corruption Vulnerability."...

CVE-2014-0260

CVE-2014-0260 affects Microsoft Word and related Office components (Word Viewer, Office Web Apps, SharePoint, etc.). The issue arises from memory corruption while parsing crafted Office documents, enabling remote code execution or, per source, possible denial of service. The vulnerability is mapp...

Critical: Red Hat Security Advisory: java-1.7.0-openjdk security update

Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Microsoft Office Word File Processing CVE-2014-0258 Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...

Network Security Assessment: Subterfuge

Subterfuge is no longer a Beta! Now it is a full fledged network security assessment tool in its own right Walk into Starbucks, plop down a laptop, click start, watch the credentials roll in. Enter Subterfuge, a Framework to take the arcane art of Man-in-the-Middle Attack and make it as simple as...

Siemens Ruggedcom WIN Products BEAST Attack Vulnerability

OVERVIEW Siemens has identified a BEAST Browser Exploit Against SSL/TLS attack vulnerability in Siemens Ruggedcom WIN products. This vulnerability was originally reported directly to Siemens ProductCERT by Dan Frein and Paul Cotter of West Monroe Partners. Siemens has produced a firmware update...

Solaris 10 (x86) : 145342-06 (deprecated)

Oracle Solaris Cluster 3.3: HA-Tomcat Patch for Oracle Solaris 10. Date this patch was last updated by Sun : Apr/19/17 This plugin has been deprecated and either replaced with individual 145342 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security,...

[SSLDigger v1.02] Tool to assess the strength of SSL

SSLDigger v1.02 is a tool to assess the strength of SSL servers by testing the ciphers supported. Some of these ciphers are known to be insecure. Features: full Browser Support using Microsoft Internet Explorer Browser Control support for operating the tool in batch modefor operating on multiple...

Scientific Linux Security Update : RDMA stack on SL6.x i386/x86_64 (20131121)

A flaw was found in the way ibutils handled temporary files. A local attacker could use this flaw to cause arbitrary files to be overwritten as the root user via a symbolic link attack. CVE-2013-2561 It was discovered that librdmacm used a static port to connect to the ibacm service. A local...

[SECURITY] Fedora 18 Update: php-symfony2-HttpKernel-2.2.10-1.fc18

HttpKernel provides the building blocks to create flexible and fast HTTP-based frameworks. It takes a Request as an input and should return a Response as an output. Using this interface makes your code compatible with all frameworks using the Symfony2 components. And this will give you many cool...

TP-Link TD-8840t - Cross-Site Request Forgery

Exploit Title: TP-Link TD-8840t CSRF Vulnerability Author: MOHAMMED AL-SAGGAFLEGNED-SEIYUN E-mail: [email protected]/mohammed.alsaggaf2010 Category: Hardware Google Dork: N/A Vendor: http://www.tp-link.com Firmware Version: 3.0.0 Build 120531 Product:...

Fedora Update for python3 FEDORA-2013-21415

Check for the Version of python3 OpenVAS Vulnerability Test Fedora Update for python3 FEDORA-2013-21415 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

ruby security update

1.8.7.352-13 - Workaround build issues against OpenSSL with enabled ECC curves. - Make DRb compatible with OpenSSL 1.0.1. ruby-1.9.3-p222-generate-1024-bits-RSA-key-instead-of-512-bits.patch - Fix CVE-2013-4164 Heap Overflow in Floating Point Parsing...

RedHat Update for RDMA stack RHSA-2013:1661-02

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2013-3906

GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a...

MS KB2896666: Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution (deprecated)

The remote host is missing one of the workarounds referenced in KB 2896666. The remote host has a version of the Microsoft Graphics Component installed that is potentially affected by a code execution vulnerability due to the way the application handles specially crafted TIFF images. %NASLMINLEVE...

PT-2013-1366 · Microsoft · Office Compatibility Pack +8

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Vista SP2 Microsoft Windows Server 2008 SP2 Microsoft Office 2003 SP3 Microsoft Office 2007 SP3 Microsoft Office 2010 SP1 and SP2 Microsoft Office Compatibility Pack SP3 Microsoft Lync 2010, 2010 Attendee, 2013, and Basic 20...