kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet

A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change ASCONF. A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger a NULL pointer dereference on the system...

kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet

A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change ASCONF. A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger a NULL pointer dereference on the system...

Google Chrome Font Uninitialization Vulnerability

Google Chrome is a simple and efficiently designed web browsing tool developed by Google. Google Chrome Font has an uninitialized vulnerability due to the program fails to properly initialize data structure vulnerability, allowing attackers to construct malicious WEB pages and trick users into...

UBUNTU-CVE-2015-0239

The emsysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service guest OS crash by triggering use of a 16-bit code segment for emulation of a...

CVE-2014-7942

The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

CVE-2014-7940

The collator implementation in i18n/ucol.cpp in International Components for Unicode ICU 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have...

Design/Logic Flaw

The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

CVE-2014-7940

CVE-2014-7940 affects ICU 52 and derived Chrome builds; the collator in i18n/ucol.cpp does not initialize memory for a data structure, enabling denial of service or unspecified impact via crafted input. Public-module details: linked advisories show remediation by upgrading ICU to newer releases (...

CVE-2014-7942

Removed by vendor...

CVE-2014-7942

The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

CVE-2014-7940

The collator implementation in i18n/ucol.cpp in International Components for Unicode ICU 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have...

UBUNTU-CVE-2014-7942

The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

Updated iceape package fixes security vulnerabilities

Updated iceape packages fix security issues: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 allow remote attackers to cause a denial of service memory corruption and...

Oracle Solaris Third-Party Patch Update : fetchmail (multiple_vulnerabilities_in_fetchmail) (BEAST)

The remote Solaris system is missing necessary patches to address security updates : - The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained...

CVE-2014-8637

Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers the rendering of malformed BMP data within a CANVAS element...

Information disclosure

Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers the rendering of malformed BMP data within a CANVAS element...

CVE-2014-8637

Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers the rendering of malformed BMP data within a CANVAS element...

CVE-2014-8637

CVE-2014-8637 affects Mozilla Firefox <35.0 and SeaMonkey

CVE-2014-8637

Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers the rendering of malformed BMP data within a CANVAS element...

Facebook HipHop Virtual Machine crypgraphic protection mechanism bypass vulnerability

Facebook HipHop Virtual Machine is a HipHop virtual machine developed by Facebook Inc. that significantly improves PHP performance for loading dynamic pages. A crypgraphic protection mechanism bypass vulnerability exists in Facebook HipHop Virtual Machine versions prior to 3.3.0. The vulnerabilit...