openSUSE Security Update : flash-player (openSUSE-SU-2012:0331-1)

flash-player 11.1.102.63 fixes two security issues : - memory corruption vulnerability in Matrix3D could lead to code executionn CVE-2012-0768 - integer errors that could lead to information disclosure CVE-2012-0769 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

openSUSE Security Update : samba (openSUSE-SU-2012:0507-1)

" - Add the ldapsmb sources as else patches against them have no chance to apply. - Samba pre-3.6.4 are affected by a vulnerability that allows remote code exe- cution as the 'root' user; PIDL based autogenerated code allows overwriting beyond of allocated array; CVE-2012-1182; bso8815...

openSUSE Security Update : libwebkit (openSUSE-SU-2011:0482-1)

This version upgrade of webkit to 1.2.7 fixes the following bugs : - CVE-2010-2441: CVSS v2 Base Score: 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N: Permissions, Privileges, and Access Control CWE-264 - CVE-2010-2901: CVSS v2 Base Score: 3.7 AV:L/AC:H/Au:N/C:P/I:P/A:P: Buffer Errors CWE-119 - CVE-2010-4042:...

openSUSE Security Update : tomcat6 (openSUSE-SU-2011:0146-1)

This tomcat6 update fixes : - CVE-2010-3718: CVSS v2 Base Score: 4.0 AV:N/AC:H/Au:N/C:P/I:P/A:N: Design Error CWE-DesignError - CVE-2011-0013: CVSS v2 Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N: XSS CWE-79 - CVE-2011-0534: CVSS v2 Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P: Resource Management...

openSUSE Security Update : libmodplug (openSUSE-SU-2011:0943-1)

This update of libmodplug0 fixes the following issues : 1 An integer overflow error exists within the 'CSoundFile::ReadWav' function src/loadwav.cpp when processing certain WAV files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted W...

openSUSE Security Update : libpng12 (libpng12-4947)

This update of libpng12-0 fixes : - CVE-2011-2501: CVSS v2 Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P: Design Error CWE-DesignError - CVE-2011-2690: CVSS v2 Base Score: 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P: Buffer Errors CWE-119 - CVE-2011-2691: CVSS v2 Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P: Other...

openSUSE Security Update : xtrabackup (openSUSE-SU-2013:1864-1)

Percona XtraBackup was updated to 2.1.6 bnc852224 - New Features : - New innobackupex --force-non-empty-directories option - now supports logs created with the new log block checksums - New Features specific to MySQL 5.6: option innodblogchecksumalgorithm in Percona Server 5.6 - Bugs Fixed : -...

openSUSE Security Update : libpng14 (libpng14-4949)

This update of libpng14-14 fixes : - CVE-2011-2501: CVSS v2 Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P: Design Error CWE-DesignError - CVE-2011-2690: CVSS v2 Base Score: 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P: Buffer Errors CWE-119 - CVE-2011-2691: CVSS v2 Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P: Othe...

openSUSE Security Update : opie (openSUSE-SU-2011:0848-1)

This update fixes off-by-one errors in opiesu CVE-2011-2489 and missing setuid return value checks in opielogin CVE-2011-2490. This update also removes the setuid bit from opiesu program. If you rely on the setuid bit on opiesu, add the following line to /etc/permissions.local : /usr/bin/opiesu...

openSUSE Security Update : libpng12 (libpng12-4947)

This update of libpng12-0 fixes : - CVE-2011-2501: CVSS v2 Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P: Design Error CWE-DesignError - CVE-2011-2690: CVSS v2 Base Score: 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P: Buffer Errors CWE-119 - CVE-2011-2691: CVSS v2 Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P: Other...

openSUSE Security Update : opera (openSUSE-SU-2011:0103-1)

Opera 11.01 fixes several critical security bugs : - CVE-2011-0681: CVSS v2 Base Score: 4.3 MEDIUM AV:N/AC:M/Au:N/C:N/I:P/A:N: Other CWE-Other - CVE-2011-0682: CVSS v2 Base Score: 9.3 HIGH AV:N/AC:M/Au:N/C:C/I:C/A:C: Buffer Errors CWE-119 - CVE-2011-0683: CVSS v2 Base Score: 4.3 MEDIUM...

openSUSE Security Update : perl-DBD-Pg (openSUSE-SU-2012:0422-1)

perl-DBD-Pg was prone to format string errors which could crash applications %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-180. The text description of this plugin is C SUSE LL...

openSUSE Security Update : openssl (openSUSE-SU-2012:0474-1)

Changes in openssl : - S/MIME verification may erroneously fail - Free headers after use in error message - Symmetric crypto errors in PKCS7decrypt %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...

CVE-2014-2977

Multiple integer signedness errors in the DispatchWrite function in proxy/dispatcher/idirectfbsurfacedispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow...

Design/Logic Flaw

Multiple integer signedness errors in the DispatchWrite function in proxy/dispatcher/idirectfbsurfacedispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow...

CVE-2014-2977

Multiple integer signedness errors in the DispatchWrite function in proxy/dispatcher/idirectfbsurfacedispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow...

CVE-2014-2977

Multiple integer signedness errors in the DispatchWrite function in proxy/dispatcher/idirectfbsurfacedispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow...

CVE-2014-2977

CVE-2014-2977 in DirectFB (Dispatch_Write in proxy/dispatcher/idirectfbsurface_dispatcher.c) allows remote attackers to cause a denial of service (crash) and possibly execute code via the Voodoo interface; CVE-2014-2978 is an out-of-bounds write in the same area. Connected advisories confirm thes...

Debian Security Advisory DSA 2955-1 (iceweasel - security update)

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors and buffer overflows may lead to the execution of arbitrary code or denial of service. OpenVAS Vulnerability Test $Id: deb2955.nasl 6735 2017-07-17 09:56:49Z...

Google Chrome < 35.0.1916.153 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is a version prior to 35.0.1916.153. It is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist in the file system API. CVE-2014-3154 - An out-of-bounds read error exists related to SPDY. CVE-2014-3155 - A...