Heap overflow

Heap-based buffer overflow in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Office 2008 and 2011 for Mac; and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel SerAuxErrBar Heap Overflow Vulnerability."...

CVE-2012-2543

CVE-2012-2543 is a stack-based buffer overflow in Microsoft Excel components (Windows: Excel 2007 SP2/SP3, Excel 2010 SP1; Mac: Office 2011; Excel Viewer; Office Compatibility Pack SP2/SP3). The vulnerability arises while handling crafted spreadsheets, enabling remote code execution. Connected so...

Microsoft Office Remote Code Execution Vulnerabilities (2720184)

This host is missing an important security update according to Microsoft Bulletin MS12-076. OpenVAS Vulnerability Test $Id: secpodms12-076.nasl 6523 2017-07-04 15:46:12Z cfischer $ Microsoft Office Remote Code Execution Vulnerabilities 2720184 Authors: Antu Sanadi Copyright: Copyright c 2012...

Fedora 18 : freeradius-2.2.0-0.fc18 (2012-15342)

This updates to the current upstream 2.2.0 release which is configuration compatible with the prior 2.1.12. Version 2.2.0 includes a security fix for CVE-2012-3547 Stack-based buffer overflow This update also includes a fix to prevent .rpmsave and .rpmnew files from being read from the...

Fedora 17 : freeradius-2.2.0-0.fc17 (2012-15397)

This updates to the current upstream 2.2.0 release which is configuration compatible with the prior 2.1.12. Version 2.2.0 includes a security fix for CVE-2012-3547 Stack-based buffer overflow by processing This update also includes a fix to prevent .rpmsave and .rpmnew files from being read from...

VulnCheck KEV: CVE-2009-1134

Excel in 2007 Microsoft Office System SP1 and SP2; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a BIFF file with a malformed Qsir 0x806 record object, aka...

Fedora 16 : freeradius-2.2.0-0.fc16 (2012-15743)

This updates to the current upstream 2.2.0 release which is configuration compatible with the prior 2.1.12. Version 2.2.0 includes a security fix for CVE-2012-3547 Stack-based buffer overflow This update also includes a fix to prevent .rpmsave and .rpmnew files from being read from the...

Compatibility Issues Affecting Signed Microsoft Binaries (2749655)

This host is missing an important security update according to Microsoft 2749655. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Word RTF文件释放后重用远程代码执行漏洞（MS12-064）

BUGTRAQ ID: 55781 CVECAN ID: CVE-2012-2528 Microsoft Word属于办公软件是微软公司的一个文字处理器应用程序。 Microsoft Office处理特制RTF文件时存在远程代码执行漏洞，成功利用此漏洞的攻击者可完全控制受影响系统。 0 Microsoft Word 2010 Microsoft Word 2007 Microsoft Word 2003 Microsoft Office SharePoint Server 2010 Microsoft Office Web Apps 2010 SP1 Microsoft Office W...

Compatibility Issues Affecting Signed Microsoft Binaries (2749655)

The host is installed with Microsoft Windows operating system and its missing upates according to Microsoft Security Advisory 2749655 OpenVAS Vulnerability Test $Id: gbmsdigitalcretificatetimestampissue.nasl 5346 2017-02-19 08:43:11Z cfi $ Compatibility Issues Affecting Signed Microsoft Binaries...

Microsoft Word RTF File Use-After-Free Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user, which can lead to a complete compromise of an affected computer. Technologies Affected Microsoft Office...

Chrome for iOS Update

Chrome for iOS has been updated to 21.0.1180.82 and is now available in the App Store. This version brings compatibility with the new iPhone 5, along with fixes for Gmail on iOS 6. You can get the update via the App Store, or from the update prompt inside of Chrome. Known issues are available on...

Fedora 17 : glpi-0.83.4-1.fc17 / glpi-data-injection-2.2.2-1.fc17 / etc (2012-10661)

The official GLPI 0.83.3 version is now available from download This version correct several minor bugs and a security bug. You are stongly encouraged to update your actual version. Thanks to Prajal Kulkarni. Upstream Changelog Version 0.83.31 - Bug 3633: Check rights for massive actions for...

Scientific Linux Security Update : kernel on SL6.x i386/x86_64

This update fixes the following security issues : - Missing sanity checks in the Intel i915 driver in the Linux kernel could allow a local, unprivileged user to escalate their privileges. CVE-2010-2962, Important - compatallocuserspace in the Linux kernel 32/64-bit compatibility layer...

Scientific Linux Security Update : Virtio on SL3.x i386/x86_64

This new package provides signed, para-virtualized block and network drivers for Scientific Linux 3 as a KVM virtualized guest. Users may see various warnings during package installation, including : - Different versions of package are already installed. Older versions of the package may cause...

Scientific Linux Security Update : brltty on SL5.x i386/x86_64

It was discovered that a brltty library had an insecure relative RPATH runtime library search path set in the ELF Executable and Linking Format header. A local user able to convince another user to run an application using brltty in an attacker-controlled directory, could run arbitrary code with...

Scientific Linux Security Update : pidgin on SL4.x, SL5.x i386/x86_64

A denial of service flaw was found in the Pidgin OSCAR protocol implementation. If a remote ICQ user sent a web message to a local Pidgin user using this protocol, it would cause excessive memory usage, leading to a denial of service Pidgin crash. CVE-2009-1889 These updated packages also fix the...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64

This update fixes the following security issue : - The compatallocuserspace function in the Linux kernel 32/64-bit compatibility layer implementation was missing sanity checks. This function could be abused in other areas of the Linux kernel if its length argument can be controlled from user-spac...

Scientific Linux Security Update : exim on SL4.x, SL5.x i386/x86_64

A privilege escalation flaw was discovered in Exim. If an attacker were able to gain access to the 'exim' user, they could cause Exim to execute arbitrary commands as the root user. CVE-2010-4345 This update adds a new configuration file, '/etc/exim/trusted-configs'. To prevent Exim from running...

Scientific Linux Security Update : firefox on SL4.x i386/x86_64

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203 A flaw was...