119 matches found
SUSE SLED11 Security Update : java-1_7_0-openjdk (SUSE-SU-2016:0269-1) (SLOTH)
java-1_7_0-openjdk was updated to version 7u95 to fix 9 security issues. bsc#962743 - CVE-2015-4871: Rebinding of the receiver of a DirectMethodHandle may allow a protected method to be accessed - CVE-2015-7575: Further reduce use of MD5 SLOTH bsc#960996 - CVE-2015-8126: Vulnerability in the AWT...
Security update for Java7 (important)
Update OpenJDK to 7u95 / IcedTea 2.6.4 including the following fixes: Security fixes - S8059054, CVE-2016-0402: Better URL processing - S8130710, CVE-2016-0448: Better attributes processing - S8132210: Reinforce JMX collector internals - S8132988: Better printing dialogues - S8133962,...
SUSE-SU-2016:0256-1 Security update for java-1_8_0-openjdk
java-1_8_0-openjdk was updated to version 7u95 to fix several security issues. bsc#962743 The following vulnerabilities were fixed: - CVE-2015-7575: Further reduce use of MD5 SLOTH bsc#960996 - CVE-2015-8126: Vulnerability in the AWT component related to splashscreen displays - CVE-2015-8472:...
openSUSE Security Update : ffmpeg (openSUSE-2016-94)
This update to ffmpeg 2.8.5 fixes the following issues: - CVE-2016-1897: Cross-origin issue in URL processing concat - local file disclosure boo#961937 - CVE-2016-1898: Cross-origin issue in URL processing subfile - local file disclosure boo#961937...
Security update for ffmpeg (important)
This update to ffmpeg 2.8.5 fixes the following issues: CVE-2016-1897: Cross-origin issue in URL processing concat - local file disclosure boo#961937 CVE-2016-1898: Cross-origin issue in URL processing subfile - local file disclosure boo#961937...
JVN#64625488: applican vulnerable to script injection
applican provided by Newphoria Corporation Inc. is a platform to build hybrid applications for both iOS and Android. applican is vulnerable to script injection due to an issue in processing URL. Impact: When a user accesses a specially crafted URL through an application built using applican, an...
CVE-2014-8488
The CVE-2014-8488 entry is corroborated by connected advisories showing Fedora updates for yourls 1.7 (e.g., FEDORA-2015-5965/5972) addressing an XSS in the administrator panel via the Shorten functionality. Affected product: YOURLS (PHP-based URL shortening) software package 1.7; vulnerability t...
Orbit Downloader Long URL Stack Buffer Overflow - Ver2 (CVE-2009-0187)
Orbit Downloader, developed by Orbit Downloader Team, is a graphical download manager for Microsoft Windows operating system. Orbit Downloader works with all major browsers like Opera, Mozilla Firefox, Microsoft Internet Explorer, Maxthon, and Netscape. A buffer overflow vulnerability exists in...
Foxit Reader Plugin URL Processing Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Foxit Reader Plug...
Foxit Reader PDF File Handling Memory Corruption Vulnerability
Foxit Reader is prone to a buffer overflow vulnerability. CPE = "cpe:/a:foxitsoftware:reader";...
CVE-2010-3497
Symantec Norton AntiVirus 2011 does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that...
Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. CVE-2008-5500, CVE-2008-5501, CVE-2008-5502, CVE-2008-5511, CVE-2008-5512, CVE-2008-5513...
Opera URL Processing Arbitrary Code Execution Vulnerability - Mac OS X
Opera is prone to a code execution vulnerability.
Opera URL Processing Arbitrary Code Execution Vulnerability - Windows
Opera is prone to a code execution vulnerability.
CVE-2012-0036
curl and libcurl 7.2x before 7.24.0 do not properly consider special characters during extraction of a pathname from a URL, which allows remote attackers to conduct data-injection attacks via a crafted URL, as demonstrated by a CRLF injection attack on the (1) IMAP, (2) POP3, or (3) SMTP protocol...
Cisco Content Delivery System DoS
Internet Streamer URL processing crash...
VMware View 3.1.x - URL Processing Cross-Site Scripting
source: https://www.securityfocus.com/bid/39949/info VMware View is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script...
ffdshow Codec Media Stream URL Processing Buffer Overflow (CVE-2008-5381)
ffdshow is a popular all-in-one codec for many video and audio file and stream formats, including Xvid, H.264, MPEG, AAC, Vorbis, AC3, DTS and others. It is open source software released under the terms of the GNU General Public License version 2 and is implemented as a DirectShow filter and VFW...
Orbit Downloader Download Argument Processing Stack Buffer Overflow (CVE-2008-1602)
There exists a buffer overflow vulnerability in Orbit Downloader. The vulnerability is caused due to insufficient boundary checking when the application processes the URL string. An attacker may exploit this vulnerability by enticing a target user to open a malicious long URL. Successful...
Apple iTunes Protocol Handler Stack Buffer Overflow (CVE-2009-0950)
Apple iTunes is a multimedia player that supports a wide range of media formats. The software supports parsing and displaying picture files. When iTunes is installed, it registers itself with the host Operating System as a protocol handler for several application URL schemes. A buffer overflow...