The vulnerability of the Microsoft Office Compatibility Pack, the Microsoft Excel spreadsheet editor, and the Microsoft Excel Viewer allows a perpetrator to execute arbitrary code.

The vulnerability of the Microsoft Office Compatibility Pack, the Microsoft Excel spreadsheet editor, and the Microsoft Excel Viewer arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code using...

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the Graphics Device Interface GDI component in the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted document...

The vulnerabilities of the Microsoft SharePoint Server corporate application suite, the Microsoft PowerPoint presentation preparation program, the Microsoft PowerPoint Viewer for presentation viewing, the Microsoft Office Compatibility Pack, the Microsoft Office Web Apps suite, and the Office Web Apps Server web server allow a perpetrator to execute arbitrary code.

The vulnerabilities of the Microsoft SharePoint Server corporate application, the Microsoft PowerPoint presentation software, the Microsoft PowerPoint Viewer, the Microsoft Office Compatibility Pack, the Microsoft Office Web Apps suite, and the Office Web Apps Server web server are caused by an...

The vulnerabilities of Microsoft Excel editors, the Microsoft Office Compatibility Pack, and the Microsoft Excel Viewer allow a perpetrator to execute arbitrary code.

The vulnerability of Microsoft Excel editors, the Microsoft Office Compatibility Pack, and the Microsoft Excel Viewer are caused by an operation that goes beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code using a specially crafted...

openSUSE Security Update : MozillaThunderbird (openSUSE-2016-1057)

This update for MozillaThunderbird fixes the following issues : - update to Thunderbird 45.3.0 boo991809 - Disposition-Notification-To could not be used in mail.compose.other.header - 'edit as new message' on a received message pre-filled the sender as the composing identity. - Certain messages...

SUSE SLES11 Security Update : squid3 (SUSE-SU-2016:2089-1)

This update for squid3 fixes the following issues : - Multiple issues in pinger ICMP processing. CVE-2014-7141, CVE-2014-7142 - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing. bsc973782 - CVE-2016-4554: fix header smuggling issue in HTTP Request processing bsc979010 - Fix multipl...

SUSE SLES12 Security Update : squid (SUSE-SU-2016:2008-1)

The Squid HTTP proxy has been updated to version 3.3.14, fixing the following security issues : - Fixed multiple Denial of Service issues in HTTP Response processing. CVE-2016-2569, CVE-2016-2570, CVE-2016-2571, CVE-2016-2572, bsc968392, bsc968393, bsc968394, bsc968395 - CVE-2016-3947: Buffer...

SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2016:2195-1)

Mozilla Firefox was updated to 45.3.0 ESR to fix the following issues bsc991809 : - MFSA 2016-62/CVE-2016-2835/CVE-2016-2836 Miscellaneous memory safety hazards rv:48.0 / rv:45.3 - MFSA 2016-63/CVE-2016-2830 Favicon network connection can persist when page is closed - MFSA 2016-64/CVE-2016-2838...

SUSE SLES11 Security Update : squid3 (SUSE-SU-2016:1996-1)

This update for squid3 fixes the following issues : - Multiple issues in pinger ICMP processing. CVE-2014-7141, CVE-2014-7142 - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing. bsc973782 - CVE-2016-4554: fix header smuggling issue in HTTP Request processing bsc979010 - fix multipl...

openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2016-1028)

This update for MozillaFirefox, mozilla-nss fixes the following issues : Changes in MozillaFirefox : - Mozilla Firefox 48.0.1 : - Fixed an audio regression impacting some major websites bmo1295296 - Fix a top crash in the JavaScript engine bmo1290469 - Fix a startup crash issue caused by Websense...

openSUSE Security Update : Firefox (openSUSE-2016-1019)

This update includes Firefox 48.0.1 to fix a few regressions and a security issue : - Fix an audio regression impacting some major websites - Fix a top crash in the JavaScript engine - Fix a startup crash issue caused by Websense - Fix a different behavior with e10s / non-e10s on select and mouse...

Vulnerability of PHP software, which allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information

Overloading of buffers in dynamic memory in the phpparserr function in ext/standard/dns.c in PHP allows remote servers to trigger a failure in service abrupt termination of operations and execute arbitrary code, using specially crafted TXT records in DNS. This vulnerability is related to the...

The vulnerability of Cisco PIX software allows a malicious individual to trigger a service failure.

Overloading the buffer in the Cisco PIX Firewall allows malicious actors operating remotely to trigger service failures by using authentication for HTTP traffic via TACACS+ or RADIUS...

The vulnerability of the OpenOffice.org module of the LibreOffice office software package, related to the execution of operations beyond the buffer boundaries in memory, allows an attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the OpenOffice.org module of the LibreOffice office software package is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause...

The vulnerability of the PHP interpreter, which allows attackers to trigger a service failure or exert other effects.

The vulnerability of the raphemestripos function ext/intl/grapheme/graphemestring.c in the PHP interpreter exists due to the reading of data beyond the specified buffer. Exploiting this vulnerability may allow an attacker to cause a service failure reading beyond the memory limit, or it may have...

Updated pgpdump packages fix security vulnerabilities

Updated pgpdump package fixes security vulnerability: The pgpdump package has been updated to version 0.31, fixing a buffer overrun...

MGASA-2016-0212 Updated pgpdump packages fix security vulnerabilities

Updated pgpdump package fixes security vulnerability: The pgpdump package has been updated to version 0.31, fixing a buffer overrun...

Operation Technology ETAP 14.1.0 - Multiple Stack Buffer Overrun Vulnerabilities

Exploit for windows platform in category dos / poc Operation Technology ETAP 14.1.0 Multiple Stack Buffer Overrun Vulnerabilities Vendor: Operation Technology, Inc. Product web page: http://www.etap.com Affected version: 14.1.0.0 Summary: Enterprise Software Solution for Electrical Power Systems...

Operation Technology ETAP 14.1.0 Multiple Stack Buffer Overrun Vulnerabilities

Summary Enterprise Software Solution for Electrical Power Systems. ETAP is the most comprehensive electrical engineering software platform for the design, simulation, operation, and automation of generation, transmission, distribution, and industrial systems. As a fully integrated model-driven...

SUSE SLES11 Security Update : openssl (SUSE-SU-2016:1290-1)

This update for openssl fixes the following issues : Security issues fixed : - CVE-2016-2108: Memory corruption in the ASN.1 encoder bsc977617 - CVE-2016-2105: EVPEncodeUpdate overflow bsc977614 - CVE-2016-2106: EVPEncryptUpdate overflow bsc977615 - CVE-2016-2109: ASN.1 BIO excessive memory...