CVE-2014-8626

Stack-based buffer overflow in the datefromISO8601 function in ext/xmlrpc/libxmlrpc/xmlrpc.c in PHP before 5.2.7 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code by including a timezone field in a date, leading to improper XML-RPC encoding...

CVE-2014-9021

CVE-2014-9021 covers multiple XSS flaws in the ZTE ZXDSL 831 family (including 831CII). Technical details from connected sources show vulnerabilities on specific UI endpoints: the TR-069 client page (tr69cfg.cgi) via parameters tr69cAcsURL, tr69cAcsUser, tr69cAcsPwd, tr69cConnReqPwd, tr69cDebugEn...

[SECURITY] [DLA 73-1] tzdata update

Package : tzdata Version : 2014h-0squeeze1 Upstream published version 2014h. Changes since 2014e-0squeeze1 currently in squeeze are adjustments to the DST rules of Russia and a timezone change for Turks & Caicos. Aurelien Jarno GPG: 4096R/1DDD8C9B [email protected] http://www.aurel32.net...

DLA-73-1 tzdata - update

Bulletin has no description...

CrossWind CyberScheduler 2.1 websyncd remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2628/info CrossWind CyberScheduler is a scheduling and calendaring package. It consists of two distinct parts for - a set of cgi scripts on a web server and a set of daemons or services on a database server. Both parts ar...

Serv-U FTPD MDTM Overflow

No description provided by source. $Id: servumdtm.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Solaris 7.0/8 IPCS Timezone Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2581/info Solaris is the variant of the UNIX Operating System distributed by Sun Microsystems. Solaris is designed as a scalable operating system for the Intel x86 and Sun Sparc platforms, and operates on machines varying...

Scientific Linux Security Update : tzdata enhancement update on SL5.x, SL6.x i386/x86_64 (20140623)

This update adds the following enhancements : - Based on the official government announcement, Egypt's 2014 Ramadan-based transitions were updated to June 26 and July 31 at 24:00. - Morocco's Ramadan transitions were also updated to June 28 at 03:00 and August 2 at 02:00. This update has been...

openSUSE Security Update : java-1_6_0-openjdk (openSUSE-2012-136)

update to version 1.11.1 to fix several security issues : - S7082299, CVE-2011-3571: Fix in AtomicReferenceArray - S7088367, CVE-2011-3563: Fix issues in java sound - S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager method - S7110687, CVE-2012-0503: Issues with TimeZone class -...

openSUSE Security Update : glibc (openSUSE-2012-32)

Fix timezone loader overflow bnc735850,CVE-2009-5029 patch tzfile-corruption-fix.patch %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-32. The text description of this plugin is...

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2013:0377-1)

java-170-openjdk was updated to icedtea-2.3.6 bnc803379 containing various security and bugfixes : - Security fixes - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at...

CVE-2012-5560

The default configuration in mate-settings-daemon 1.5.3 allows local users to change the timezone for the system via a crafted D-Bus call...

Default configuration

The default configuration in mate-settings-daemon 1.5.3 allows local users to change the timezone for the system via a crafted D-Bus call...

CVE-2012-5560

The default configuration in mate-settings-daemon 1.5.3 allows local users to change the timezone for the system via a crafted D-Bus call...

CVE-2013-0299

Multiple cross-site request forgery CSRF vulnerabilities in ownCloud before 4.0.12 and 4.5.x before 4.5.7 allow remote attackers to hijack the authentication of users for requests that 1 change the timezone for the user via the lat and lng parameters to...

CVE-2013-0301

Cross-site request forgery CSRF vulnerability in apps/calendar/ajax/settings/settimezone in ownCloud before 4.0.12 allows remote attackers to hijack the authentication of users for requests that change the timezone via the timezone parameter...

CVE-2013-0299

Multiple cross-site request forgery CSRF vulnerabilities in ownCloud before 4.0.12 and 4.5.x before 4.5.7 allow remote attackers to hijack the authentication of users for requests that 1 change the timezone for the user via the lat and lng parameters to...

CVE-2013-0301

Cross-site request forgery CSRF vulnerability in apps/calendar/ajax/settings/settimezone in ownCloud before 4.0.12 allows remote attackers to hijack the authentication of users for requests that change the timezone via the timezone parameter...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in ownCloud before 4.0.12 and 4.5.x before 4.5.7 allow remote attackers to hijack the authentication of users for requests that 1 change the timezone for the user via the lat and lng parameters to...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in apps/calendar/ajax/settings/settimezone in ownCloud before 4.0.12 allows remote attackers to hijack the authentication of users for requests that change the timezone via the timezone parameter...