Critical: Red Hat Security Advisory: java-1.6.0-openjdk security update

Updated java-1.6.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity rating...

Critical: Red Hat Security Advisory: java-1.7.0-openjdk security update

Updated java-1.7.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity rating...

CVE-2013-0910

Google Chrome before 25.0.1364.152 does not properly manage the interaction between the browser process and renderer processes during authorization of the loading of a plug-in, which makes it easier for remote attackers to bypass intended access restrictions via vectors involving a blocked plug-i...

Oracle Rushes Emergency Java Update to Patch McRAT Vulnerabilities

Oracle has once again released an emergency Java update to patch zero-day vulnerabilities in the browser plug-in, the fifth time it has updated the platform this year. Today’s update patches CVE-2013-1493 and CVE-2013-0809, the former was discovered last week being exploited in the wild for Java ...

CVE-2013-0910

Google Chrome before 25.0.1364.152 does not properly manage the interaction between the browser process and renderer processes during authorization of the loading of a plug-in, which makes it easier for remote attackers to bypass intended access restrictions via vectors involving a blocked plug-i...

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 176882 High CVE-2013-0902: Use-after-free in frame loader. Credit to Chamal de Silva. 176252 High CVE-2013-0903: Use-after-free in browser navigation handling. Credit to "chromium.khalil". 172926 172331 High CVE-2013-0904: Memory corruption in Web Audio. Credit to...

US-CERT Alert TA13-051A - Oracle Java Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Awareness System US-CERT Alert TA13-051A Oracle Java Multiple Vulnerabilities Original release date: February 20, 2013 Last revised: -- Systems Affected Any system using Oracle Java including JDK and JRE 7 Update 13 and earlier JDK and...

Sun Java JRE / Web Start Java Plug-in Untrusted Applet Privilege Escalation (Unix)

The remote host is using an unmanaged version of Sun Java Runtime Environment that has vulnerabilities in its Java Runtime Plug-in, a web browser add-on used to display Java applets. The JRE Plug-in security can be bypassed by tricking a user into viewing a maliciously crafted web page...

Oracle Java SE Multiple Vulnerabilities (March 2010 CPU) (Unix)

The version of Oracle formerly Sun Java Runtime Environment JRE installed on the remote host is earlier than 6 Update 19 / 5.0 Update 24 / 1.4.226. Such versions are potentially affected by security issues in the following components : - ImageIO - Java 2D - JRE - Java Web Start, Java Plug-in -...

Sun Java JRE Multiple Vulnerabilities (244986 et al) (Unix)

The version of Sun Java Runtime Environment JRE installed on the remote host is earlier than 6 Update 11 / 5.0 Update 17 / 1.4.219 / 1.3.124. Such versions are potentially affected by the following security issues : - The JRE creates temporary files with insufficiently random names. 244986 - Ther...

Fedora 17 : gimp-2.8.4-1.fc17 (2013-2000)

Among other things this update fixes a vulnerability with corrupt XWD files and a crash with newer versions of fontconfig when gimp is quit. Overview of Changes from GIMP 2.8.2 to GIMP 2.8.4 ================================================= GUI : - Better names for the default filters in save and...

Critical: Red Hat Security Advisory: java-1.6.0-openjdk security update

Updated java-1.6.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity rating...

ECShop payment plug-ins exposed 0day vulnerabilities 3 6 0 to assist in the repair-bug warning-the black bar safety net

Recently, the 3 6 0 Web sitessecurity testingplatform exclusive discover the online store system ECShop Alipay plug-in the presence of high-risk 0day vulnerability. Hackers can use aSQL injectionto bypass the system to limit access to the web data, and then implement the“drag library”steal site...

RHEL 6 : flash-plugin (RHSA-2013:0254)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2013:0254 advisory. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes several...

RHEL 5 / 6 : flash-plugin (RHSA-2013:0243)

An updated Adobe Flash Player package that fixes two security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give...

RHEL 3 / 4 : flash-plugin (RHSA-2006:0674)

An updated Adobe Flash Player package that fixes security issues is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. The flash-plugin package contains a Firefox-compatible Adobe Flash Player browser plug-in. Security issues were...

RHEL 5 : flash-plugin (RHSA-2010:0102)

An updated Adobe Flash Player package that fixes two security issues is now available for Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having important security impact by the Red Hat Security Response Team. The flash-plugin package contains a Mozilla Firefox compatible...

RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2013:0156)

Updated java-1.7.0-oracle packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give...

Critical: Red Hat Security Advisory: java-1.7.0-oracle security update

Updated java-1.7.0-oracle packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give...

java 7.x -- security manager bypass

US CERT reports: Java 7 Update 10 and earlier versions of Java 7 contain a vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. The Java JRE plug-in provides its own Security Manager. Typically, a web applet runs with a security manager...