8743 matches found
OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194)
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related ...
RHEL 6 : java-1.7.0-openjdk (RHSA-2013:1451)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:1451 advisory. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple inp...
OpenJDK: Java2d Disposer security bypass (2D, 8017287)
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability tha...
PT-2013-4988 · Chicken +1
Name of the Vulnerable Software and Affected Versions: CHICKEN versions prior to 4.8.0.5; CHICKEN development snapshots versions prior to 4.8.3. Description: The issue is related to a buffer overflow in the read-string! procedure within the extras unit. This can be exploited by remote attackers to...
BoltWire 3.5 Cross Site Scripting
============================================= INTERNET SECURITY AUDITORS ALERT 2013-010 - Original release date: March 20th, 2013 - Last revised: March 25th, 2013 - Discovered by: Manuel Garcia Cardenas - Severity: 4,8/10 CVSS Base Score - CVE-ID: CVE-2013-2651...
MIRcon Preview: Why C-Level Executives Should Attend
Security conferences come and go and most are well attended by information security practitioners for professional development and networking. But what about the executives who are responsible for strategy and who hold the budgets - what conferences should they attend? With MIRcon 2013, Nov. 5-6,...
Debian Security Advisory DSA 2768-1 (icedtea-web - heap-based buffer overflow)
A heap-based buffer overflow vulnerability was found in icedtea-web, a web browser plugin for running applets written in the Java programming language. If a user were tricked into opening a malicious website, an attacker could cause the plugin to crash or possibly execute arbitrary code as the us...
Fedora Update for python-django14 FEDORA-2013-16899
Check for the Version of python-django14 OpenVAS Vulnerability Test Fedora Update for python-django14 FEDORA-2013-16899 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...
Fedora Update for python-django FEDORA-2013-16901
Check for the Version of python-django OpenVAS Vulnerability Test Fedora Update for python-django FEDORA-2013-16901 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Software Defense Series: Exploit mitigation and vulnerability detection
Software Defense is a broad topic requiring a multipronged approach including: - the processes and tooling associated with secure development that we try and encapsulate within the Microsoft SDL, - core OS countermeasures that make exploitation of a given vulnerability more difficult for an...
[SECURITY] Fedora 20 Update: python-django-1.5.4-1.fc20
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle...
[SECURITY] Fedora 19 Update: python-django14-1.4.8-1.fc19
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle...
[SECURITY] Fedora 20 Update: python-django14-1.4.8-1.fc20
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle...
[SECURITY] Fedora 19 Update: python-django-1.5.4-1.fc19
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle...
MGASA-2013-0284 Updated python-django package fixes multiple vulnerabilities
Updated python-django package fixes security vulnerabilities: Rainer Koirikivi discovered a directory traversal vulnerability with 'ssi' template tags in python-django, a high-level Python web development framework. It was shown that the handling of the 'ALLOWED_INCLUDE_ROOTS' setting, used to...
[SECURITY] [DSA 2758-1] python-django security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2758-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso September 17, 2013 http://www.debian.org/security/faq -...
Debian DSA-2755-1 : python-django - directory traversal
Rainer Koirikivi discovered a directory traversal vulnerability with 'ssi' template tags in python-django, a high-level Python web development framework. It was shown that the handling of the 'ALLOWED_INCLUDE_ROOTS' setting, used to represent allowed prefixes for the {% ssi %} template tag, is...
flash-plugin: multiple code execution flaws (APSB13-21)
Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK & Compiler before 3.8.0.1430 allow attacker...
[SECURITY] Fedora 18 Update: php-5.4.19-1.fc18
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
[SECURITY] Fedora 19 Update: python-django14-1.4.6-1.fc19
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle...