openSUSE Security Update : openSUSE-2014- (openSUSE-2014--1)

MozillaFirefox was updated to version 31 to fix various security issues and bugs : - MFSA 2014-56/CVE-2014-1547/CVE-2014-1548 Miscellaneous memory safety hazards - MFSA 2014-57/CVE-2014-1549 bmo1020205 Buffer overflow during Web Audio buffering for playback - MFSA 2014-58/CVE-2014-1550 bmo1020411...

MultiMonitorTool v1.63 - Multiple Monitors on Windows

MultiMonitorTool is a small tool that allows you to do some actions related to working with multiple monitors. With MultiMonitorTool, you can disable/enable monitors, set the primary monitor, save and load the configuration of all monitors, and move windows from one monitor to another. You can do...

Abuse-SDL 0.7 Command-Line Argument Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7982/info A buffer overflow vulnerability has been reported for Abuse-SDL that may result in the execution of attacker-supplied code. The vulnerability exists due to insufficient bounds checking performed on certain...

LGames LBreakout2 2.2.2 - Multiple Environment Variable Buffer Overflow Vulnerabilites

No description provided by source. source: http://www.securityfocus.com/bid/9712/info Multiple buffer overflow vulnerabilities exist in the environment variable handling of LBreakout2. The issue is due to an insufficient boundary checking of certain environment variables used by the affected...

slocate 2.5/2.6 - Local Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6676/info A vulnerability has been discovered in slocate. It has been reported that a buffer overrun occurs when running the slocate program with command line arguments of excessive length. Specifically, it is possible to...

[SECURITY] Fedora 20 Update: catfish-1.0.1-1.fc20

Catfish is a handy file searching tool. The interface is intentionally lightweight and simple, using only GTK+3. You can configure it to your needs by using several command line options...

Jumping Out of IE's Sandbox With One Click

Software vendors often give intentionally vague and boring names to the updates they use to fix security vulnerabilities. The lamer the name, the less attention it may attract from attackers looking to reverse-engineer the patch. There was one patch in Microsoft’s August Patch Tuesday release...

Oracle Linux 6 : foomatic (ELSA-2011-1110)

The remote Oracle Linux 6 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2011-1110 advisory. 4.0.4-1:.1 - Applied patch to fix improper sanitization of command line options CVE-2011-2697, bug 721001. Tenable has extracted the preceding description block...

Fedora 18 : dracut-024-5.git20121019.fc18 (2012-16448)

fixed ifup exit code - fixed default 'rd.auto' parameter setting - only 'warn' not 'error', if we don't strip the initramfs - do not overwrite ifcfg from anaconda - ssh-client module fixes - strip binaries in the initramfs by default now - fixes for systemd and crypto - new dracut kernel command...

CVE-2012-2658

Buffer overflow in the SQLDriverConnect function in unixODBC 2.3.1 allows local users to cause a denial of service crash via a long string in the DRIVER option. NOTE: this issue might not be a vulnerability, since the ability to set this option typically implies that the attacker already has...

php: command line arguments injection when run in CGI mode (VU#520827)

sapi/cgi/cgimain.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script aka php-cgi, does not properly handle query strings that lack an = equals sign character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string,...

Design/Logic Flaw

sapi/cgi/cgimain.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script aka php-cgi, does not properly handle query strings that lack an = equals sign character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string,...

Design/Logic Flaw

sapi/cgi/cgimain.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script aka php-cgi, does not properly handle query strings that lack an = equals sign character, which allows remote attackers to cause a denial of service resource consumption by placing command-line options...

EUVD-2012-2329

sapi/cgi/cgimain.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script aka php-cgi, does not properly handle query strings that lack an = equals sign character, which allows remote attackers to cause a denial of service resource consumption by placing command-line options...

Low: Red Hat Security Advisory: virt-v2v security and bug fix update

An updated virt-v2v package that fixes one security issue and several bugs is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...

CVE-2011-2569

Cisco Nexus OS aka NX-OS 4.2 and 5.0 and Cisco Unified Computing System with software 1.4 and 2.0 do not properly restrict command-line options, which allows local users to gain privileges via unspecified vectors, aka Bug IDs CSCtf40008, CSCtg18363, CSCtr44645, CSCts10195, and CSCts10188...

Ubuntu: Security Advisory (USN-1194-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for foomatic-filters USN-1194-1

Ubuntu Update for Linux kernel vulnerabilities USN-1194-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11941.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for foomatic-filters USN-1194-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...

Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : foomatic-filters vulnerabilities (USN-1194-1)

It was discovered that the foomatic-rip Foomatic filter incorrectly handled command-line options. An attacker could use this flaw to cause Foomatic to execute arbitrary code as the 'lp' user. In the default installation, attackers would be isolated by the CUPS AppArmor profile. Note that Tenable...

USN-1194-1: Foomatic filters vulnerabilities

It was discovered that the foomatic-rip Foomatic filter incorrectly handled command-line options. An attacker could use this flaw to cause Foomatic to execute arbitrary code as the "lp" user. In the default installation, attackers would be isolated by the CUPS AppArmor profile...