Lucene search

5248 matches found

OSV
added 2013/03/14 3:10 a.m., 7 views

UBUNTU-CVE-2012-4458

The AMQP type decoder in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service memory consumption and server crash via a large number of zero width elements in the client-properties map in a connection.start-ok message...

5 CVSS | 5.8 AI score | 0.0653 EPSS
Exploits 0 | References 4

Packet Storm
added 2013/03/11 12:0 a.m., 50 views

TinyMCE 3.5.8 Cross Site Scripting

Vulnerability Report Author: Justin C. Klein Keane Date: 5 March, 2013 CVE-2012-4230 Description of Vulnerability: ----------------------------- "TinyMCE in itself can not be insecure" http://www.tinymce.com/wiki.php/Security "TinyMCE is a platform independent web based Javascript HTML WYSIWYG...

4.3 CVSS | 7.5 AI score | 0.01198 EPSS
Exploits 2

Tenable Nessus
added 2013/02/24 12:0 a.m., 16 views

Fedora 18 : firefox-19.0-1.fc18 / thunderbird-17.0.3-1.fc18 / xulrunner-19.0-1.fc18 (2013-2794)

Built-in PDF viewer - Canvas elements can export their content as an image blob using canvas.toBlob - Startup performance improvements bugs 715402 and 756313 - Debugger now supports pausing on exceptions and hiding non-enumerable properties - Remote Web Console is available for connecting to...

5.6 AI score
Exploits 0 | References 3

Tenable Nessus
added 2013/02/21 12:0 a.m., 41 views

SuSE 11.2 Security Update : Java 1.6.0 (SAT Patch Number 7332)

java-160-openjdk based on Icedtea6-1.12.2 was released, fixing various security issues : New in release 1.12.2 2012-02-03 : - Security fixes - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name ...

10 CVSS | 7.4 AI score | 0.08087 EPSS
Exploits 2 | References 41

OPENSUSE Linux
added 2013/02/19 11:4 a.m., 53 views

java-1_6_0-openjdk to 1.12.2 (important)

OpenJDK java-160-openjdk was updated to 1.12.2 to fix bugs and security issues bnc801972 Security fixes on top of 1.12.0 - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at...

10 CVSS | 1 AI score | 0.08087 EPSS
Exploits 2 | References 1

Tenable Nessus
added 2013/02/12 12:0 a.m., 38 views

Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2013:010)

Multiple security issues were identified and fixed in OpenJDK icedtea6 : - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time - S6776941: CVE-2013-0427: Impro...

10 CVSS | 7.4 AI score | 0.08087 EPSS
Exploits 2 | References 19

Tenable Nessus
added 2013/02/11 12:0 a.m., 43 views

Fedora 16 : java-1.7.0-openjdk-1.7.0.9-2.3.5.3.fc16 (2013-2188)

The update contains the following security fixes : - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time - S6776941: CVE-2013-0427: Improve thread pool shutdow...

10 CVSS | 7.3 AI score | 0.08087 EPSS
Exploits 2 | References 1

Prion
added 2013/02/02 12:55 a.m., 22 views

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the February 2013 CPU...

5 CVSS | 5.8 AI score | 0.05205 EPSS
Exploits 0 | References 25 | Affected Software 2

Cvelist
added 2013/02/02 12:0 a.m., 21 views

CVE-2013-0435

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the February 2013 CPU...

8.1 AI score | 0.05205 EPSS
Exploits 0 | References 25

Prion
added 2013/01/24 9:55 p.m., 14 views

Design/Logic Flaw

Use-after-free vulnerability in Google Chrome before 24.0.1312.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of fonts in CANVAS elements...

7.5 CVSS | 7.6 AI score | 0.01095 EPSS
Exploits 0 | References 3 | Affected Software 1

UbuntuCve
added 2013/01/24 9:55 p.m., 21 views

CVE-2013-0839

Use-after-free vulnerability in Google Chrome before 24.0.1312.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of fonts in CANVAS elements...

7.5 CVSS | 5.9 AI score | 0.01095 EPSS
Exploits 0 | References 3

CVE
added 2013/01/24 9:0 p.m., 66 views

CVE-2013-0839

CVE-2013-0839 is a Google Chrome use-after-free vulnerability (fonts handling in CANVAS elements) that allowed remote denial of service and potentially other impact. Affected product: Google Chrome before 24.0.1312.56. The available connected data confirm the CVE id is linked to multiple Chrome v...

7.5 CVSS | 7 AI score | 0.01095 EPSS
Exploits 0 | References 3 | Affected Software 1

Cvelist
added 2013/01/24 9:0 p.m., 21 views

CVE-2013-0839

Use-after-free vulnerability in Google Chrome before 24.0.1312.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of fonts in CANVAS elements...

6.9 AI score | 0.01095 EPSS
Exploits 0 | References 3

Debian CVE
added 2013/01/24 9:0 p.m., 22 views

CVE-2013-0839

Removed by vendor...

7.5 CVSS | 6.7 AI score | 0.01095 EPSS
Exploits 0

RedHat Linux
added 2013/01/24 6:44 p.m., 3 views

apache-cxf: Apache CXF does not verify that elements were signed / encrypted by a particular Supporting Token

Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors...

10 CVSS | 6.5 AI score | 0.04112 EPSS
Exploits 1 | References 5

RedHat Linux
added 2013/01/24 6:7 p.m., 2 views

apache-cxf: Apache CXF does not verify that elements were signed / encrypted by a particular Supporting Token

Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors...

10 CVSS | 6.5 AI score | 0.04112 EPSS
Exploits 1 | References 5

OpenVAS
added 2013/01/16 12:0 a.m., 69 views

Mozilla Products Multiple Vulnerabilities (Jan 2013) - Mac OS X

Mozilla Firefox/Thunderbird/Seamonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3 CVSS | 9.8 AI score | 0.73364 EPSS
Exploits 14 | References 20

OpenVAS
added 2013/01/16 12:0 a.m., 32 views

Mozilla Products Multiple Vulnerabilities (Jan 2013) - Windows

Mozilla Firefox/Thunderbird/Seamonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3 CVSS | 9.8 AI score | 0.73364 EPSS
Exploits 14 | References 20

Tenable Nessus
added 2013/01/15 12:0 a.m., 43 views

Firefox < 18.0 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox is earlier than 18.0 and thus, is potentially affected by the following security issues : - Multiple unspecified use-after-free, out-of-bounds read and buffer overflow errors exist. CVE-2012-5829, CVE-2013-0760, CVE-2013-0761, CVE-2013-0762, CVE-2013-0763,...

10 CVSS | 7.7 AI score | 0.73364 EPSS
Exploits 31 | References 51

Tenable Nessus
added 2013/01/15 12:0 a.m., 41 views

Mozilla Firefox 17.x <= 17 Multiple Vulnerabilities

Binary data 800108.prm...

10 CVSS | 9.2 AI score | 0.73364 EPSS
Exploits 28 | References 46