7640 matches found
Integer overflow in ANGLE library — Mozilla
Security researcher Alex Chapman reported that the Almost Native Graphics Layer Engine (ANGLE) library used by Mozilla is vulnerable to an integer overflow. This vulnerability is present because of insufficient bounds checking in the drawLineLoop function, which can be driven by web content to...
Adobe Reader U3D PCX Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the improper bounds...
Fedora Update for roundcubemail FEDORA-2013-15223
Check for the Version of roundcubemail OpenVAS Vulnerability Test Fedora Update for roundcubemail FEDORA-2013-15223 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2012-43)
It was discovered that Java2D did not properly check graphics rendering objects before passing them to the native renderer. Malicious input, or an untrusted Java application or applet could use this flaw to crash the Java Virtual Machine (JVM), or bypass Java sandbox restrictions. CVE-2012-0497 It...
Amazon Linux AMI : mysql51 (ALAS-2012-145)
A stack-based buffer overflow flaw was found in the user permission checking code in MySQL. An authenticated database user could use this flaw to crash the mysqld daemon or, potentially, execute arbitrary code with the privileges of the user running the mysqld daemon. CVE-2012-5611 C Tenable...
levitator
Improper bounds checking in the PowerVR driver as used in versions of Android prior to 2.3.6 when copying user data to kernel memory allows a malicious local application to write to the same area of memory referenced in CVE-2011-1350, potentially allowing for arbitrary code execution and privileg...
Debian DSA-2738-1 : ruby1.9.1 - several vulnerabilities
Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-1821 Ben Murphy discovered that unrestricted enti...
bind: 9.9.3P2 security and bugfix update (important)
The BIND nameserver was updated to 9.9.3P2 to fix a security issue where incorrect bounds checking on private type 'keydata' could lead to a remotely triggerable REQUIRE failure. CVE-2013-4854, bnc831899...
Debian Security Advisory DSA 2736-1 (putty - several vulnerabilities)
Several vulnerabilities were discovered in PuTTY, a Telnet/SSH client for X. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-4206 Mark Wooding discovered a heap-corrupting buffer underrun bug in the modmul function which performs modular multiplicatio...
Oracle Java sun.awt.image.ImagingLib.lookupByteBI Buffer Overflow (CVE-2013-2463)
A heap buffer overflow vulnerability exists in Oracle Java. The vulnerability is due to improper bounds checking during a call to sun.awt.image.ImagingLib.lookupByteBI method. A remote attacker can exploit this vulnerability by enticing the target user to visit a specially crafted web page...
SuSE 11.3 Security Update : java-1_7_0-openjdk (SAT Patch Number 8090)
This update to icedtea-2.4.1 fixes various security issues : - S6741606, CVE-2013-2407: Integrate Apache Santuario - S7158805, CVE-2013-2445: Better rewriting of nested subroutine calls - S7170730, CVE-2013-2451: Improve Windows network stack support. - S8000638, CVE-2013-2450: Improve...
[SECURITY] Fedora 19 Update: nodejs-sha-1.0.1-4.fc19
Check and get file hashes using MD5, SHA1, or any other algorithm supported by OpenSSL...
Oracle Linux 3 / 4 : ncompress (ELSA-2006-0663)
From Red Hat Security Advisory 2006:0663 : Updated ncompress packages that address a security issue and fix bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The ncompress package contains file compression and decompression...
Oracle Linux 5 : kernel (ELSA-2010-0504)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2010-0504 advisory. - fs gfs2: fix permissions checking for setflags ioctl Steven Whitehouse 595580 595399 CVE-2010-1641 - misc keys: do not find already freed keyrings...
Oracle Linux 5 / 6 : openssl (ELSA-2012-0699)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2012-0699 advisory. - fix for CVE-2012-2333 - improper checking for record length in DTLS 820686 Tenable has extracted the preceding description block directly from the Oracle...
OpenJDK: AccessControlContext check order issue (Libraries, 8001330)
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different...
CentOS 6 : bind (CESA-2013:0689)
Updated bind packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
Important: Red Hat Security Advisory: python-keystoneclient security, bug fix, and enhancement update
Updated python-keystoneclient packages that fix two security issues, one bug, and add one enhancement are now available for Red Hat OpenStack 3.0 Grizzly Preview. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CV...
[SECURITY] Fedora 19 Update: perl-Module-Signature-0.73-1.fc19
This package contains a command line tool and module for checking and creating SIGNATURE files for Perl CPAN distributions...