Google Chrome Multiple Vulnerabilities-03 (Dec 2012) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Google Chrome Multiple Vulnerabilities-03 (Dec 2012) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Google Chrome < 23.0.1271.97 Multiple Vulnerabilities

Binary data 6643.pasl...

FreeBSD : chromium -- multiple vulnerabilities (51f84e28-444e-11e2-8306-00262d5ed8ee)

Google Chrome Releases reports : 158204 High CVE-2012-5139: Use-after-free with visibility events. Credit to Chamal de Silva. 159429 High CVE-2012-5140: Use-after-free in URL loader. Credit to Chamal de Silva. 160456 Medium CVE-2012-5141: Limit Chromoting client plug-in instantiation. Credit to...

CVE-2012-5144

Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via vectors related to "an off-by-one overwrit...

Memory corruption

Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via vectors related to "an off-by-one overwrit...

CVE-2012-5144

Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via vectors related to "an off-by-one overwrit...

CVE-2012-5144

Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via vectors related to "an off-by-one overwrit...

CVE-2012-5144

CVE-2012-5144 affects Google Chrome up to 23.0.1271.97 and Libav branches: 0.7.x before 0.7.7 and 0.8.x before 0.8.5. Root cause: an off-by-one overwrite when switching to the LTP profile from MAIN during AAC decoding. Impact: remote denial of service via stack memory corruption and potentially u...

CVE-2012-5144

Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via vectors related to "an off-by-one overwrit...

Critical Vulnerability Fixed in Chrome 23

It’s Patch Tuesday, and not just for Microsoft and Adobe. Google also patched a number of security vulnerabilities in its Chrome browser today, including one critical flaw and three high-severity ones. The most serious vulnerability that Google fixed in Chrome 23 is a crash in the browser’s histo...

kernel: nfs4_getfacl decoding kernel oops

The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service OOPS by sending an excessive number of bitmap words...

FreeBSD : mozilla -- multiple vulnerabilities (d23119df-335d-11e2-b64c-c8600054b392)

The Mozilla Project reports : MFSA 2012-91 Miscellaneous memory safety hazards rv:17.0/ rv:10.0.11 MFSA 2012-92 Buffer overflow while rendering GIF images MFSA 2012-93 evalInSanbox location context incorrectly applied MFSA 2012-94 Crash when combining SVG text on path with CSS MFSA 2012-95...

Mozilla: Improper character decoding in HZ-GB-2312 charset (MFSA 2012-101)

The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly handle a tilde character in proximity to a chunk delimiter, which allows remote...

FreeBSD : weechat -- Crash or freeze when decoding IRC colors in strings (e02c572f-2af0-11e2-bb44-003067b2972c)

Sebastien Helleu reports : A buffer overflow is causing a crash or freeze of WeeChat when decoding IRC colors in strings. Workaround for a non-patched version : /set irc.network.colorsreceive off %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

Chrome 23 Released, 14 vulnerabilities patched

Google today released Chrome version 23 to the Stable Channel. 23.0.1271.64 for Windows, Mac, Linux, and Chrome Frame. Update includes patch for 12 vulnerabilities in the Windows version and two vulnerabilities in Mac OS X version. Chrome 23 is the support of the Do Not Track DNT protocol, number...

Ubuntu Update for exim4 USN-1618-1

Ubuntu Update for Linux kernel vulnerabilities USN-1618-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16181.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for exim4 USN-1618-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

Ubuntu: Security Advisory (USN-1618-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1618-1: Exim vulnerability

It was discovered that Exim incorrectly handled DKIM DNS decoding. This flaw could allow a remote attacker to execute arbitrary code...

CVE-2012-5238

epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of 1 PPP and 2 LCP data, which allows remote attackers to cause a denial of service assertion failure and application exit via a malformed packet...