1056 matches found
FreeBSD : bind -- multiple vulnerabilities (a8ec4db7-a398-11e5-85e9-14dae9d210b8)
ISC reports : Named is potentially vulnerable to the OpenSSL vulnerability described in CVE-2015-3193. Incorrect reference counting could result in an INSIST failure if a socket error occurred while performing a lookup. This flaw is disclosed in CVE-2015-8461. RT40945 Insufficient testing when...
cups: incorrect string reference counting (VU#810572)
A string reference count bug was found in cupsd, causing premature freeing of string objects. An attacker could submit a malicious print job that exploits this flaw to dismantle ACLs protecting privileged operations, allowing a replacement configuration file to be uploaded, which in turn allowed...
USN-2629-1 cups vulnerabilities
It was discovered that CUPS incorrectly handled reference counting when handling localized strings. A remote attacker could use this issue to escalate permissions, upload a replacement CUPS configuration file, and execute arbitrary code. CVE-2015-1158 It was discovered that the CUPS templating...
kernel: net: slab corruption from use after free on INIT collisions
A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system...
Debian DLA-203-1 : openldap security update
Multiple vulnerabilities were found in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. Please carefully check whether you are affected by CVE-2014-9713: if you are, you will need to manually upgrade your configuration! See below for more details on this. Just upgradi...
kernel: net: slab corruption from use after free on INIT collisions
A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system...
kernel: net: slab corruption from use after free on INIT collisions
A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Updated kernel packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6.5 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS...
CVE-2014-8967
Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted HTML document in conjunction with a Cascading Style Sheets CSS token sequence specifying the run-in value for the display property, leading to improper CElement reference...
Design/Logic Flaw
Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted HTML document in conjunction with a Cascading Style Sheets CSS token sequence specifying the run-in value for the display property, leading to improper CElement reference...
CVE-2014-8967
Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted HTML document in conjunction with a Cascading Style Sheets CSS token sequence specifying the run-in value for the display property, leading to improper CElement reference...
(0Day) Microsoft Internet Explorer display:run-in Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...
CentOS 6 : kernel (CESA-2014:1392)
Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the sixth regular update. Red Hat Product Security has rated this...
kernel: futex: refcount issue in case of requeue
A flaw was found in the way the Linux kernel's futex subsystem handled reference counting when requeuing futexes during futexwait. A local, unprivileged user could use this flaw to zero out the reference counter of an inode or an mm struct that backs up the memory area of the futex, which could...
Important: Red Hat Security Advisory: kernel security update
Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 6.2 Advanced Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
RHEL 6 : kernel (RHSA-2014:1392)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1392 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the way t...
kernel: vfs: refcount issues during unmount on symlink
A flaw was found in the way the Linux kernel's VFS subsystem handled reference counting when performing unmount operations on symbolic links. A local, unprivileged user could use this flaw to exhaust all available memory on the system or, potentially, trigger a use-after-free error, resulting in ...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6.4 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...
openSUSE Security Update : xen (openSUSE-SU-2013:1404-1)
XEN was updated to 4.2.2, fixing lots of bugs and several security issues. Various upstream patches were also merged into this version by our developers. Detailed buglist : - bnc824676 - Failed to setup devices for vm instance when start multiple vms simultaneously - bnc817799 - sles9sp4 guest...
Ubuntu: Security Advisory (USN-2234-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...