icedtea security update

CentOS Errata and Security Advisory CESA-2013:0753 Updated icedtea-web packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...

Moderate: Red Hat Security Advisory: icedtea-web security update

Updated icedtea-web packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

CVE-2013-2833

Use-after-free vulnerability in the O3D plug-in in Google Chrome OS before 26.0.1410.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper management of ownership relationships involving Elements and DrawElements...

Design/Logic Flaw

Use-after-free vulnerability in the O3D plug-in in Google Chrome OS before 26.0.1410.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper management of ownership relationships involving Elements and DrawElements...

Security feature bypass

Google Chrome OS before 26.0.1410.57 does not properly enforce origin restrictions for the O3D and Google Talk plug-ins, which allows remote attackers to bypass the domain-whitelist protection mechanism via a crafted web site, a different vulnerability than CVE-2013-2834...

CVE-2013-2833

CVE-2013-2833 is a use-after-free vulnerability in the O3D plug-in used by Google Chrome OS before version 26.0.1410.57. The flaw arises from improper ownership relationship handling among Elements and DrawElements, enabling remote attackers to trigger a denial of service or potentially other imp...

CVE-2013-2832

CVE-2013-2832 affects Google Chrome OS before 26.0.1410.57, specifically the O3D plug-in’s Buffer::Set in core/cross/buffer.cc, where uninitialized data could remain in a buffer and allow remote attackers to obtain sensitive information via unspecified vectors. The fix was delivered in Chrome OS ...

CVE-2013-2832

The Buffer::Set function in core/cross/buffer.cc in the O3D plug-in in Google Chrome OS before 26.0.1410.57 does not prevent uninitialized data from remaining in a buffer, which might allow remote attackers to obtain sensitive information via unspecified vectors...

CVE-2013-2833

Use-after-free vulnerability in the O3D plug-in in Google Chrome OS before 26.0.1410.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper management of ownership relationships involving Elements and DrawElements...

RHEL 5 / 6 : flash-plugin (RHSA-2013:0730)

An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which...

NRPE metacharacter filtering omission (important)

NRPE the Nagios Remote Plug-In Executor allows the passing of $ to plugins/scripts which, if run under bash, will execute that shell command under a subprocess and pass the output as a parameter to the called script. Using this, it is possible to get called scripts, such as checkhttp, to execute...

CVE-2013-0790

Unspecified vulnerability in the browser engine in Mozilla Firefox before 20.0 on Android allows remote attackers to cause a denial of service stack memory corruption and application crash or possibly execute arbitrary code via unknown vectors involving a plug-in...

Memory corruption

Unspecified vulnerability in the browser engine in Mozilla Firefox before 20.0 on Android allows remote attackers to cause a denial of service stack memory corruption and application crash or possibly execute arbitrary code via unknown vectors involving a plug-in...

CVE-2013-0474

The Manual Explore browser plug-in in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 allows remote attackers to discover test Platform Authentication credentials via a crafted web site...

Java enabled browsers are highly vulnerable

Oracle has released emergency patches multiple of times in recent months for Java for one after another set of vulnerabilities. About 100 million computers reported to be vulnerable to unauthorized access via different flaw in Java software. Department of Homeland Security's US-CERT already warne...

CVE-2013-0967

CoreTypes in Apple Mac OS X before 10.8.3 includes JNLP files in the list of safe file types, which allows remote attackers to bypass a Java plug-in disabled setting, and trigger the launch of Java Web Start applications, via a crafted web site...

CentOS 6 : 389-ds-base (CESA-2013:0628)

Updated 389-ds-base packages that fix one security issue and multiple bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

RedHat Update for 389-ds-base RHSA-2013:0628-01

Check for the Version of 389-ds-base OpenVAS Vulnerability Test RedHat Update for 389-ds-base RHSA-2013:0628-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

Google Chrome Multiple Vulnerabilities-02 March 2013 (Linux)

This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvuln02mar13lin.nasl 6079 2017-05-08 09:03:33Z teissa $ Google Chrome Multiple Vulnerabilities-02 March 2013 Linux Authors: Thanga Prakash S Copyright: Copyright c...

Google Chrome Multiple Vulnerabilities-02 March 2013 (Windows)

This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvuln02mar13win.nasl 6074 2017-05-05 09:03:14Z teissa $ Google Chrome Multiple Vulnerabilities-02 March 2013 Windows Authors: Thanga Prakash S Copyright: Copyright ...