OpenJDK: missing serialization restriction (CORBA, 7201066)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors relat...

OpenJDK: missing serialization restriction (CORBA, 7201066)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors relat...

CubeCart 5.2.0 - cubecart.class.php PHP Object Injection

CubeCart 5.2.0 - cubecart.class.php PHP Object Injection ------------------------------------------------------------------------- CubeCart set'shipping', unserializebase64urldecode$POST'shipping'; 522. if !isset$POST'proceed' 523. httpredircurrentPage; 524. 525. User input passed through the...

Fedora 16 : java-1.6.0-openjdk-1.6.0.0-69.1.11.6.fc16 (2013-1898)

Rewritten java-1.6.0-openjdk-java-access-bridge-security.patch - Updated to icedtea6 1.11.6 - Security fixes - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction...

OpenJDK: missing serialization restriction (CORBA, 7201066)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors relat...

OpenJDK: missing serialization restriction (CORBA, 7201066)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors relat...

[SECURITY] Fedora 18 Update: php-symfony2-Yaml-2.1.7-1.fc18

The Symfony2 YAML Component parses YAML strings to convert them to PHP arra ys. It is also able to convert PHP arrays to YAML strings. YAML, YAML Ain't Markup Language, is a human friendly data serialization standard for all programming languages. YAML is a great format for your configuration...

Fedora Update for php-symfony2-Yaml FEDORA-2013-1130

Check for the Version of php-symfony2-Yaml OpenVAS Vulnerability Test Fedora Update for php-symfony2-Yaml FEDORA-2013-1130 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

RHEL 4 : java-1.5.0-ibm (RHSA-2007:0073)

java-1.5.0-ibm packages that correct several security issues are available for Red Hat Enterprise Linux 4 Extras. This update has been rated as having critical security impact by the Red Hat Security Response Team. IBM's 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM...

Fedora Update for rubygem-activemodel FEDORA-2013-0635

Check for the Version of rubygem-activemodel OpenVAS Vulnerability Test Fedora Update for rubygem-activemodel FEDORA-2013-0635 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/o...

RHEL 5 : Red Hat Network Satellite server IBM Java Runtime (RHSA-2011:0880)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0880 advisory. - TLS: MITM attacks via session renegotiation CVE-2009-3555 - krb5: null pointer dereference in GSS-API library leads to DoS...

Fedora Update for rubygem-activemodel FEDORA-2013-0686

Check for the Version of rubygem-activemodel OpenVAS Vulnerability Test Fedora Update for rubygem-activemodel FEDORA-2013-0686 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/o...

[SECURITY] Fedora 16 Update: rubygem-activemodel-3.0.10-2.fc16

Rich support for attributes, callbacks, validations, observers, serialization, internationalization, and testing. It provides a known set of interfaces for usage in model classes. It also helps building custom ORMs for use outside of the Rails framework...

Ruby on Rails - XML Processor YAML Deserialization Code Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Ruby on Rails XML Processor YAML...

Fedora 16 : openstack-swift-1.4.8-3.fc16 (2012-15098)

Do not use pickle for serialization in memcache CVE-2012-4406 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

HP SiteScope SOAP Call getSiteScopeConfiguration Configuration Access

This module exploits an authentication bypass vulnerability in HP SiteScope which allows to retrieve the HP SiteScope configuration, including administrative credentials. It is accomplished by calling the getSiteScopeConfiguration operation available through the APISiteScopeImpl AXIS service. The...

OpenJDK: incomplete info in the deserialization exception (Serialization, 7110700)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5 Update 33 and earlier, and 1.4.235 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality,...

OpenJDK: incomplete info in the deserialization exception (Serialization, 7110700)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5 Update 33 and earlier, and 1.4.235 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality,...

Microsoft .NET Framework Serialization Data Validation Error (MS12-035; CVE-2012-0160)

A remote code execution vulnerability has been reported in the Microsoft .NET Framework...

Microsoft .NET Framework Serialization Code Execution (MS12-035; CVE-2012-0161)

A remote code execution vulnerability has been reported in the Microsoft .NET Framework...