CVE-2013-2277

The ffh264decodeseqparameterset function in h264ps.c in libavcodec in FFmpeg before 1.1.3 does not validate the relationship between luma depth and chroma depth, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have unspecifie...

DEBIAN-CVE-2013-0333

lib/activesupport/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote attackers to execute arbitrary code, conduct SQL injection attacks, or bypass authentication v...

CVE-2013-0333

lib/activesupport/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote attackers to execute arbitrary code, conduct SQL injection attacks, or bypass authentication v...

PT-2013-1054 · Ruby +1 · Ruby On Rails +1

Name of the Vulnerable Software and Affected Versions: Ruby on Rails versions 2.3.x through 2.3.15 Ruby on Rails versions 3.0.x through 3.0.19 Description: The issue affects the confidentiality, integrity, and availability of protected information. It can be exploited remotely. The problem lies i...

rubygem-activesupport: json to yaml parsing

lib/activesupport/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote attackers to execute arbitrary code, conduct SQL injection attacks, or bypass authentication v...

libxml2: fixed buffer overflow during decoding entities (important)

A Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 allowed remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document...

security update to Firefox 17.0 and other Mozilla based packages (important)

update to Firefox/Thunderbird 17.0 and Seamonkey 2.14 bnc790140 MFSA 2012-91/CVE-2012-5842/CVE-2012-5843 Miscellaneous memory safety hazards MFSA 2012-92/CVE-2012-4202 bmo758200 Buffer overflow while rendering GIF images MFSA 2012-93/CVE-2012-4201 bmo747607 evalInSanbox location context incorrect...

CVE-2011-3937

The H.263 codec libavcodec/h263dec.c in FFmpeg 0.7.x before 0.7.12, 0.8.x before 0.8.11, and unspecified versions before 0.10, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 has unspecified impact and attack vectors related to "width/height changin...

update for bogofilter (important)

This version upgrade of bogofilter fixed a heap corruption in the base 64 decoding routine as well as several other non-security issues...

update for bogofilter (important)

This version upgrade of bogofilter fixed a heap corruption in the base 64 decoding routine as well as several other non-security issues...

libxml2: fixed buffer overflow during decoding entities (important)

A Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 allowed remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document...

Google Chrome Multiple Vulnerabilities-03 Dec2012 (Linux)

This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvuln03dec12lin.nasl 5958 2017-04-17 09:02:19Z teissa $ Google Chrome Multiple Vulnerabilities-03 Dec2012 Linux Authors: Antu Sanadi Copyright: Copyright c 2012...

Google Chrome Multiple Vulnerabilities-03 Dec2012 (Windows)

This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvuln03dec12win.nasl 5963 2017-04-18 09:02:14Z teissa $ Google Chrome Multiple Vulnerabilities-03 Dec2012 Windows Authors: Antu Sanadi Copyright: Copyright c 2012...

Google Chrome Multiple Vulnerabilities-03 (Dec 2012) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Google Chrome Multiple Vulnerabilities-03 (Dec 2012) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Google Chrome < 23.0.1271.97 Multiple Vulnerabilities

Binary data 6643.pasl...

FreeBSD : chromium -- multiple vulnerabilities (51f84e28-444e-11e2-8306-00262d5ed8ee)

Google Chrome Releases reports : 158204 High CVE-2012-5139: Use-after-free with visibility events. Credit to Chamal de Silva. 159429 High CVE-2012-5140: Use-after-free in URL loader. Credit to Chamal de Silva. 160456 Medium CVE-2012-5141: Limit Chromoting client plug-in instantiation. Credit to...

CVE-2012-5144

Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via vectors related to "an off-by-one overwrit...

Memory corruption

Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via vectors related to "an off-by-one overwrit...

CVE-2012-5144

Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via vectors related to "an off-by-one overwrit...