Scientific Linux Security Update : firefox on SL4.x, SL5.x, SL6.x i386/x86_64

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could possibly lead to arbitrary code execution with the privileges of th...

Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64

Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML content. An HTML mail message containing malicious content could possibly lead to arbitrary code execution with the privileges of the user running Thunderbird. CVE-2011-0080...

CentOS Update for firefox CESA-2011:0471 centos4 x86_64

Check for the Version of firefox OpenVAS Vulnerability Test CentOS Update for firefox CESA-2011:0471 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

VMware Fusion 4.x < 4.1.3 (VMSA-2012-0009, VMSA-2012-0011)

The version of VMware Fusion 4.x installed on the Mac OS X host is earlier than 4.1.3, and is therefore reportedly affected by the following vulnerabilities : - Due to a flaw in the virtual floppy configuration it is possible to perform an out-of-bounds memory write. This vulnerability may allow ...

PT-2012-1548 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.39.4 Description: The issue allows local users to gain privileges by writing a certain integer value to kernel memory due to the osf wait4 function in arch/alpha/kernel/osf sys.c using an incorrect pointer o...

VMSA-2012-0009 : ESXi and ESX patches address critical security issues (uncredentialed check)

The remote VMware ESX/ESXi host is affected by the following security vulnerabilities : - ESX NFS traffic parsing vulnerability: Due to a flaw in the handling of NFS traffic, it is possible to overwrite memory. This vulnerability may allow a user with access to the network to execute code on the...

glibc: FORTIFY_SOURCE format string protection bypass via "nargs" integer overflow

Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFYSOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments...

PT-2013-1211 · Gnu +3 · Glibc +3

Name of the Vulnerable Software and Affected Versions: glibc versions prior to 2.15-r3 Description: The issue concerns multiple vulnerabilities in the glibc package, which can lead to breaches of confidentiality, integrity, and availability of protected information. Exploitation can occur locally...

kernel: futex: clear robust_list on execve

The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process...

kernel: proc: /proc/<pid>/mem mem_write insufficient permission checking

The memwrite function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc//mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper...

kernel: proc: /proc/<pid>/mem mem_write insufficient permission checking

The memwrite function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc//mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper...

MS11-0 9 2--Arbitary Memoray Write 2 NULL bytes!- Vulnerability warning-the black bar safety net

The day received a few e ZDI vulnerability announcement message, wherein a is MS11-0 9 2. Due to the recent File format vulnerability more interested in, so it PatchDiff2 than a little patch file. Than after 贼心 does not change the need to see that there is no ready-made POC. GOOGLE had a...

ARC Informatique PcVue HMI/SCADA ActiveX Vulnerabilities

Overview This Advisory is a follow-up to the Alert, “ICS-ALERT-11-271-01 - ARC Informatique PcVue HMI/SCADA ActiveX Vulnerabilities.” ICS-CERT is aware of publicly and privately disclosed reports of four vulnerabilities in ARC Informatique’s PcVue application. These vulnerabilities include:...

CentOS Update for seamonkey CESA-2011:0473 centos4 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for firefox CESA-2011:0471 centos4 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for seamonkey CESA-2011:0473 centos4 i386

Check for the Version of seamonkey OpenVAS Vulnerability Test CentOS Update for seamonkey CESA-2011:0473 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

Opera Browser 'SELECT' HTML Tag Remote Memory Corruption Vulnerability (Windows)

The host is installed with Opera browser and is prone to memory corruption vulnerability. OpenVAS Vulnerability Test $Id: gboperamemcorrvulnwin.nasl 7044 2017-09-01 11:50:59Z teissa $ Opera Browser 'SELECT' HTML Tag Remote Memory Corruption Vulnerability Windows Authors: Madhuri D Copyright:...

TSSA-2011-02 - Opera : SELECT SIZE Arbitrary null write

--------------------------------------------------------------------------- - - Opera : SELECT SIZE Arbitrary null write - - --------------------------------------------------------------------------- -- Vulnerability Summary: Date Published: 03/05/2011 Last Update: 03/05/2011 Advisory ID:...

Design/Logic Flaw

The VEGAOpBitmap::AddLine function in Opera before 10.61 does not properly initialize memory during processing of the SIZE attribute of a SELECT element, which allows remote attackers to trigger an invalid memory write operation, and consequently cause a denial of service application crash or...

kernel: drm/radeon/kms: check AA resolve registers on r300

The Radeon GPU drivers in the Linux kernel before 2.6.38-rc5 do not properly validate data related to the AA resolve registers, which allows local users to write to arbitrary memory locations associated with 1 Video RAM aka VRAM or 2 the Graphics Translation Table GTT via crafted values...