RedHat Update for krb5 RHSA-2012:1131-01

Check for the Version of krb5 OpenVAS Vulnerability Test RedHat Update for krb5 RHSA-2012:1131-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

CentOS Update for icedtea-web CESA-2012:1132 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RedHat Update for icedtea-web RHSA-2012:1132-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RedHat Update for icedtea-web RHSA-2012:1132-01

Check for the Version of icedtea-web OpenVAS Vulnerability Test RedHat Update for icedtea-web RHSA-2012:1132-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

Scientific Linux Security Update : poppler on SL5.x i386/x86_64

An uninitialized pointer use flaw was discovered in poppler. An attacker could create a malicious PDF file that, when opened, would cause applications that use poppler such as Evince to crash or, potentially, execute arbitrary code. CVE-2010-3702 An array index error was found in the way poppler...

Scientific Linux Security Update : krb5 on SL3.x i386/x86_64

An input validation flaw was found in the ASN.1 Abstract Syntax Notation One decoder used by MIT Kerberos. A remote attacker could use this flaw to crash a network service using the MIT Kerberos library, such as kadmind or krb5kdc, by causing it to dereference or free an uninitialized pointer or,...

Scientific Linux Security Update : kdegraphics on SL4.x, SL5.x i386/x86_64

An uninitialized pointer use flaw was discovered in KPDF. An attacker could create a malicious PDF file that, when opened, would cause KPDF to crash or, potentially, execute arbitrary code. CVE-2010-3702 An array index error was found in the way KPDF parsed PostScript Type 1 fonts embedded in PDF...

Scientific Linux Security Update : poppler on SL6.x i386/x86_64

Two uninitialized pointer use flaws were discovered in poppler. An attacker could create a malicious PDF file that, when opened, would cause applications that use poppler such as Evince to crash or, potentially, execute arbitrary code. CVE-2010-3702, CVE-2010-3703 An array index error was found i...

Scientific Linux Security Update : krb5 on SL3.x i386/x86_64

David Coffey discovered an uninitialized pointer free flaw in the RPC library used by kadmind. A remote unauthenticated attacker who can access kadmind could trigger this flaw and cause kadmind to crash or potentially execute arbitrary code as root. CVE-2007-2442 David Coffey also discovered an...

Scientific Linux Security Update : gpdf on SL4.x i386/x86_64

An uninitialized pointer use flaw was discovered in GPdf. An attacker could create a malicious PDF file that, when opened, would cause GPdf to crash or, potentially, execute arbitrary code. CVE-2010-3702 An array index error was found in the way GPdf parsed PostScript Type 1 fonts embedded in PDF...

Scientific Linux Security Update : krb5 on SL5.x i386/x86_64

Tenable Network Security discovered a stack-based buffer overflow flaw in the RPC library used by kadmind. A remote unauthenticated attacker who can access kadmind could trigger this flaw and cause kadmind to crash. On Red Hat Enterprise Linux 5 it is not possible to exploit this flaw to run...

krb5 security update

CentOS Errata and Security Advisory CESA-2012:1131 Updated krb5 packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base score...

icedtea-web: getvalueforurl uninitialized instance pointer

The getFirstInTableInstance function in the IcedTea-Web plugin before 1.2.1 returns an uninitialized pointer when the instancetoidmap hash is empty, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted web page, which causes an...

Important: Red Hat Security Advisory: icedtea-web security update

Updated icedtea-web packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

krb5: KDC daemon crash via free() of an uninitialized pointer

The kdchandleprotectednegotiation function in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.8.x, 1.9.x before 1.9.5, and 1.10.x before 1.10.3 attempts to calculate a checksum before verifying that the key type is appropriate for a checksum, which allows remote attackers to execute...

krb5 security update

1.9-33.2 - pull up the patch to correct a possible NULL pointer dereference in kadmind CVE-2012-1013, 827517 1.9-33.1 - add candidate patch from upstream to fix freeing uninitialized pointer in the KDC MITKRB5-SA-2012-001, CVE-2012-1015, 839859...

AOL Products dnUpdater ActiveX Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of America Online's Toolbar, Desktop, IM, and winamp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...

Wireshark Denial of Service Vulnerability - Mac OS X

Wireshark is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"...

Quest InTrust - Annotation Objects Uninitialized Pointer (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Quest InTrust...

RHEL 5 / 6 : freetype (RHSA-2012:0467)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0467 advisory. FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual...