1464 matches found
RHEL 5 / 6 : flash-plugin (RHSA-2011:0869)
An updated Adobe Flash Player package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives ...
RHEL 4 : gimp (RHSA-2011:0837)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0837 advisory. - Gimp: Integer overflow in the BMP image file plugin CVE-2009-1570 - Gimp: Stack-based buffer overflow in SphereDesigner plug-in...
Moderate: Red Hat Security Advisory: gimp security update
Updated gimp packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Gimp: Heap-based buffer overflow in Paint Shop Pro (PSP) plug-in
Heap-based buffer overflow in the readchanneldata function in file-psp.c in the Paint Shop Pro PSP plugin in GIMP 2.6.11 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a PSPCOMPRLE aka RLE compression image file that begins a long run...
Gimp: Stack-based buffer overflow in Lighting plug-in
Stack-based buffer overflow in the loadpresetresponse function in plug-ins/lighting/lighting-ui.c in the "LIGHTING EFFECTS LIGHT" plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long Position field...
Low: Red Hat Security Advisory: eclipse security, bug fix, and enhancement update
Updated eclipse packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which...
CVE-2011-0341
Stack-based buffer overflow in the pdfmozonmouse function in apps/mozilla/mozmain.c in the MuPDF plug-in 2008.09.02 for Firefox allows remote attackers to execute arbitrary code via a crafted web site...
Stack overflow
Stack-based buffer overflow in the pdfmozonmouse function in apps/mozilla/mozmain.c in the MuPDF plug-in 2008.09.02 for Firefox allows remote attackers to execute arbitrary code via a crafted web site...
RedHat Update for xmlsec1 RHSA-2011:0486-01
Check for the Version of xmlsec1 OpenVAS Vulnerability Test RedHat Update for xmlsec1 RHSA-2011:0486-01 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
CentOS 4 / 5 : xmlsec1 (CESA-2011:0486)
Updated xmlsec1 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Adobe Flash Player callMethod Bytecode Memory Corruption
Added: 04/21/2011 CVE: CVE-2011-0611 BID: 47314 OSVDB: 71686 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem A memory corruption vulnerability allows command execution when the browser loads a specially crafted Small Web Forma...
CVE-2011-1179
The SPICE Firefox plug-in spice-xpi 2.4, 2.3, 2.2, and possibly other versions allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to 1 plugin/nsScriptablePeer.cpp and 2 plugin/plugin.cpp, which trigger multiple uses of an uninitializ...
Code injection
The SPICE Firefox plug-in spice-xpi 2.4, 2.3, 2.2, and possibly other versions allows local users to overwrite arbitrary files via a symlink attack on the usbrdrctl log file, which has a predictable name...
CVE-2011-0012
The SPICE Firefox plug-in spice-xpi 2.4, 2.3, 2.2, and possibly other versions allows local users to overwrite arbitrary files via a symlink attack on the usbrdrctl log file, which has a predictable name...
Null pointer dereference
The SPICE Firefox plug-in spice-xpi 2.4, 2.3, 2.2, and possibly other versions allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to 1 plugin/nsScriptablePeer.cpp and 2 plugin/plugin.cpp, which trigger multiple uses of an uninitializ...
CVE-2011-1179
The SPICE Firefox plug-in spice-xpi 2.4, 2.3, 2.2, and possibly other versions allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to 1 plugin/nsScriptablePeer.cpp and 2 plugin/plugin.cpp, which trigger multiple uses of an uninitializ...
CVE-2011-0012
The SPICE Firefox plug-in spice-xpi 2.4, 2.3, 2.2, and possibly other versions allows local users to overwrite arbitrary files via a symlink attack on the usbrdrctl log file, which has a predictable name...
CVE-2011-0012
SPICE Firefox plug-in spice-xpi (versions 2.4, 2.3, 2.2 and possibly others) is affected by a local-attack vulnerability where a symlink on a predictable usbrdrctl log file name could allow a local user to overwrite arbitrary files. Exploitation leads to file overwrite (no remote access). Remedia...
CVE-2011-1179
CVE-2011-1179 concerns the SPICE Firefox plug-in (spice-xpi) versions 2.4, 2.3, 2.2 and possibly earlier, where a flaw in two plugin files (nsScriptablePeer.cpp and plugin.cpp) can cause multiple uses of an uninitialized pointer. This can lead to denial of service (crash) and potentially arbitrar...
spice security update
CentOS Errata and Security Advisory CESA-2011:0427 An updated spice-xpi package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS ba...