48 matches found
RHEL 4 : nspr (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nspr: heap-buffer overflow in PLARENAALLOCATE MFSA 2015-133 CVE-2015-7183 Note that Nessus has not tested for this...
Security Bulletin: Vulnerabilities in Network Security (NSS) and Netscape Portable Runtime (NSPR) affect IBM SAN Volume Controller and Storwize Family (CVE-2015-7181 CVE-2015-7182 CVE-2015-7183)
Summary Vulnerabilities in Network Security NSS and Netscape Portable Runtime NSPR affect the IBM SAN Volume Controller and Storwize Family. Though the CVE descriptions below document the vunerbilities in the context of the Mozilla product, the IBM SAN Volume Controller and Storwize Family of...
Security Bulletin: Vulnerabilities in the Network Security Services (NSS) affect the IBM FlashSystem models 840 and 900 (CVE-2015-7181, CVE-2015-7182, CVE-2015-7183)
Summary There are vulnerabilities in Network Security Services NSS to which the IBM® FlashSystem™ 840 and IBM FlashSystem 900 are susceptible. An exploit of these vulnerabilities could allow a remote attacker to execute arbitrary code on a vulnerable system, cause the application to crash, or cau...
Slackware: Security Advisory (SSA:2015-310-02)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:1981-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:1978-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:1926-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Arbitrary Code Execution
Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime NSPR provides platform independence for non-GUI operating system facilities. A use-after-poison flaw and a heap-based...
Security Bulletin: Multiple Vulnerabilities in libxml, OpenSSH, Firefox affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2015-1819, CVE-2015-5600, CVE-2015-7183, CVE-2015-7181, CVE-2015-7182)
Summary Multiple Vulnerabilities in libxml, OpenSSH, Firefox affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance. Vulnerability Details CVEID: CVE-2015-1819 DESCRIPTION: Libxml is vulnerable to a denial of service, caused by an XML External Entity Injection XXE error in the...
Security Bulletin: IBM Security Access Manager for Mobile is affected by Network Security Services (NSS) vulnerabilities (CVE-2015-7181, CVE-2015-7182, CVE-2015-7183)
Summary Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime NSPR provides platform independence for non-GUI operating system facilities. IBM Security Access Manager for...
Security Bulletin: IBM Security Access Manager for Web is affected by Network Security Services (NSS) vulnerabilities (CVE-2015-7181, CVE-2015-7182, CVE-2015-7183)
Summary Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime NSPR provides platform independence for non-GUI operating system facilities. IBM Security Access Manager for Web...
Oracle VM VirtualBox < 4.0.36 / 4.1.44 / 4.2.36 / 4.3.34 / 5.0.10 Multiple Vulnerabilities (January 2016 CPU)
The Oracle VM VirtualBox application installed on the remote host is a version prior to 4.0.36, 4.1.44, 4.2.36, 4.3.34, or 5.0.10. It is, therefore, affected by the following vulnerabilities : - A denial of service vulnerability exists due to an infinite loop condition in the KVM subsystem of the...
openSUSE Security Update : Mozilla Thunderbird (openSUSE-2015-885)
The MozillaThunderbird package was updated to version 38.4.0 to fix several security and non security issues : Changes in MozillaThunderbird : - update to Thunderbird 38.4.0 bnc952810 - MFSA 2015-116/CVE-2015-4513/CVE-2015-4514 Miscellaneous memory safety hazards - MFSA 2015-122/CVE-2015-7188...
USN-2819-1 thunderbird vulnerabilities
Christian Holler, David Major, Jesse Ruderman, Tyson Smith, Boris Zbarsky, Randell Jesup, Olli Pettay, Karl Tomlinson, Jeff Walden, and Gary Kwong discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potential...
SUSE SLES10 Security Update : Mozilla Firefox (SUSE-SU-2015:2081-1)
MozillaFirefox ESR was updated to version 38.4.0ESR to fix multiple security issues. MFSA 2015-116/CVE-2015-4513 Miscellaneous memory safety hazards rv:42.0 / rv:38.4 MFSA 2015-122/CVE-2015-7188 Trailing whitespace in IP address hostnames can bypass same-origin policy MFSA 2015-123/CVE-2015-7189...
[SECURITY] [DLA 344-1] nspr security update
Package : nspr Version : 4.8.6-1+squeeze3 CVE ID : CVE-2015-7183 Google security engineer Ryan Sleevi found a vulnerability in the NetScape Portable Runtime Library NSPR. NSPR allocated memory without specific checks, making it possible for remote attackers to cause a Denial of Service or execute...
Critical: Red Hat Security Advisory: nss, nss-util, and nspr security update
Updated nss, nss-util, and nspr packages that fix three security issues are now available for Red Hat Enterprise Linux 6.2 and 6.4 Advanced Update Support, and Red Hat Enterprise Linux 6.5 and 6.6 Extended Update Support. Red Hat Product Security has rated this update as having Critical security...
RHEL 6 : nss, nss-util, and nspr (RHSA-2015:2068)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:2068 advisory. Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server...
SUSE SLED11 / SLES11 Security Update : MozillaFirefox, mozilla-nspr, mozilla-nss (SUSE-SU-2015:1981-1)
This Mozilla Firefox, NSS and NSPR update fixes the following security and non security issues. - mozilla-nspr was updated to version 4.10.10 bsc952810 - MFSA 2015-133/CVE-2015-7183 bmo1205157 NSPR memory corruption issues - mozilla-nss was updated to 3.19.2.1 bsc952810 - MFSA...
SUSE SLES11 Security Update : MozillaFirefox, mozilla-nspr, mozilla-nss (SUSE-SU-2015:1978-1)
This Mozilla Firefox, NSS and NSPR update fixes the following security and non security issues. - mozilla-nspr was updated to version 4.10.10 bsc952810 - MFSA 2015-133/CVE-2015-7183 bmo1205157 NSPR memory corruption issues - mozilla-nss was updated to 3.19.2.1 bsc952810 - MFSA...