Scientific Linux Security Update : openssl on SL5.x i386/x86_64

OpenSSL is a toolkit that implements Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols as well as a full-strength general purpose cryptography library. Datagram TLS DTLS is a protocol based on TLS that is capable of securing datagram transport UDP for instance. The...

Fedora 17 : puppet-2.7.18-1.fc17 (2012-10891)

This is an upstream security release. It addresses a number of issues found in puppet-2.7.x. The Red Hat security team has rated this update as having low security impact. Refer to the upstream release notes and bugzilla entries for further details...

Fedora 16 : puppet-2.6.17-2.fc16 (2012-10897)

This is an upstream security release. It addresses a number of issues found in puppet-2.6.x. The Red Hat security team has rated this update as having low security impact. Refer to the upstream release notes and bugzilla entries for further details...

abrt, libreport, btparser, and python-meh security and bug fix update

abrt 2.0.8-6.0.1.el6 - Add abrt-oracle-enterprise.patch to be product neutral - Remove abrt-plugin-rhtsupport dependency for cli and desktop - Make abrt Obsoletes/Provides abrt-plugin-rhtsupprot 2.0.8-6 - enable plugin services after install rhbz820515 - Resolves: 820515 2.0.8-5 - removed the...

Fedora Update for python3 FEDORA-2012-9135

Check for the Version of python3 OpenVAS Vulnerability Test Fedora Update for python3 FEDORA-2012-9135 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Unable to use VMR files from an earlier Veeam Reporter version

Challenge VMR files from earlier versions of Veeam Reporter are not supported. Cause VMR files from earlier versions of Veeam Reporter are not compatible with the сurrent version of Veeam ONE. Solution Create new VMR files. More Information If you have any questions or problems, contact Veeam...

PT-2012-1532 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.39 Description: The issue is related to an integer overflow in the sys oabi semtimedop function, which can be exploited by local users to gain privileges or cause a denial of service, resulting in heap memor...

Video drivers may fail to support Address Space Layout Randomization (ASLR)

Overview Some video drivers fail to support ASLR in Microsoft EMET "Always on" mode, which can limit the amount that such a system can be secured. Description ASLR, when combined with DEP Data Execution Prevention can be an effective mitigation against exploitation of vulnerabilities. For more...

Debian Security Advisory DSA 2670-1 (wordpress)

The remote host is missing an update to wordpress announced via advisory DSA 2670-1. OpenVAS Vulnerability Test $Id: deb26701.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2670-1 wordpress Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

SocialEngine 4.2.2 - Multiple Vulnerabilities

Social Engine 4.2.2 Multiples Vulnerabilities Earlier versions are also possibly vulnerable. INFORMATION Product: Social Engine 4.2.2 Remote-Exploit: yes Vendor-URL: http://www.socialengine.net/ Discovered by: Tiago Natel de Moura aka "i4k" Discovered at: 10/04/2012 CVE Notified: 10/04/2012 CVE...

Debian DSA-2470-1 : wordpress - several vulnerabilities

Several vulnerabilities were identified in WordPress, a web blogging tool. As the CVEs were allocated from releases announcements and specific fixes are usually not identified, it has been decided to upgrade the wordpress package to the latest upstream version instead of backporting the patches...

DSA-2470-1 wordpress - several

Bulletin has no description...

Memory corruption

Microsoft Word 2003 SP3 and 2007 SP2 and SP3, Office 2008 and 2011 for Mac, and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via crafted RTF data, aka "RTF Mismatch Vulnerability."...

Memory corruption

Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 do not properly handle memory during the opening of files, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel...

CVE-2012-0185

Heap-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 Gold and SP1, Excel Viewer, and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet that triggers incorrect handling of memory during opening, aka "Excel MergeCell...

CVE-2012-0141

CVE-2012-0141 affects Microsoft Excel and related Office components across Windows and Mac platforms (Excel 2003 SP3, 2007 SP2/SP3, 2010 SP1/Gold, Office 2011 for Mac, Excel Viewer, Office Compatibility Pack). The root cause is memory corruption during parsing/opening specially crafted Excel/RTF ...

CVE-2012-0185

CVE-2012-0185 is a heap-based buffer overflow affecting Microsoft Excel 2007 SP2/SP3, Excel 2010 Gold/SP1, Excel Viewer, and Office Compatibility Pack SP2/SP3 . The vulnerability arises from inefficient/incorrect memory handling during opening of crafted spreadsheets , specifically related to the...

Microsoft Excel 'MergeCells'记录堆溢出远程代码执行漏洞(MS12-030)

BUGTRAQ ID: 53376 Excel是微软公司的办公软件Microsoft office的组件之一，是由Microsoft为Windows和Apple Macintosh操作系统的电脑而编写和运行的一款试算表软件。 Microsoft Excel在实现上存在远程代码执行漏洞，攻击者通过诱使用户打开特制的Excel文件，利用此漏洞以当前用户权限执行任意代码。 0 Microsoft Office Excel 2003 Microsoft Office Office for Mac 2011 Microsoft Office Office Excel Viewer 2007...

Security Update for Microsoft Silverlight (KB2690729)

This security update to Silverlight includes fixes outlined in KBs 2681578 and 2690729. This update is backward compatible with web applications built using previous versions of Silverlight...

Microsoft Word CVE-2012-0183 RTF Data Handling Remote Memory Corruption Vulnerability

Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...