Google Chrome < 33.0.1750.146 Multiple Vulnerabilities (Mac OS X)

The version of Google Chrome installed on the remote Mac OS X host is a version prior to 33.0.1750.146. It is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to handling SVG images and speech recognition processing. CVE-2013-6663, CVE-2013-6664 - An...

gnutls: incorrect error handling in certificate verification (GNUTLS-SA-2014-2)

lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate...

gnutls: incorrect error handling in certificate verification (GNUTLS-SA-2014-2)

lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate...

Microsoft PowerPoint Viewer 2003 MSODRAWING Property Heap Buffer Overflow - Ver2 (CVE-2008-0121)

Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. Remote code execution vulnerabilities have been identified in Microsoft PowerPoint. The vulnerabilities are due to memory calculation errors in Microsoft PowerPoint when processing a malformed picture inde...

CVE-2012-2134

The handleconnectionerror function in ldaphelper.c in bind-dyndb-ldap before 1.1.0rc1 does not properly handle LDAP query errors, which allows remote attackers to cause a denial of service infinite loop and named server hang via a non-alphabet character in the base DN in an LDAP search DNS query...

Design/Logic Flaw

The handleconnectionerror function in ldaphelper.c in bind-dyndb-ldap before 1.1.0rc1 does not properly handle LDAP query errors, which allows remote attackers to cause a denial of service infinite loop and named server hang via a non-alphabet character in the base DN in an LDAP search DNS query...

CVE-2012-2134

Removed by vendor...

Google Chrome Multiple Vulnerabilities-02 (Feb 2014) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

[Lynis 1.4.2] Security and System Auditing Tool to Harden Linux Systems

Lynis is an auditing tool for Unix/Linux. It performs a security scan and determines the hardening state of the machine. Any detected security issues will be provided in the form of a suggestion or warning. Beside security related information it will also scan for general system information,...

Google Chrome < 33.0.1750.117 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is a version prior to 33.0.1750.117. It is, therefore, affected by the following vulnerabilities : - An error exists related to relative path in Windows sandbox named pipe policy. CVE-2013-6652 - Use-after-free errors exist related to...

Google Chrome < 33.0.1750.117 Multiple Vulnerabilities (Mac OS X)

The version of Google Chrome installed on the remote Mac OS X host is a version prior to 33.0.1750.117. It is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to handling web components and layout. CVE-2013-6653, CVE-2013-6655, CVE-2013-6658 - A castin...

CVE-2013-7328

CVE-2013-7328 affects PHP 5.5.x before 5.5.9 due to multiple integer signedness errors in the gdImageCrop function (ext/gd/gd.c). A remote attacker can trigger a denial of service (application crash) or information disclosure by calling imagecrop with a negative x or y dimension. The issue is tie...

CVE-2013-7328

Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service application crash or obtain sensitive information via an imagecrop function call with a negative value for the 1 x or 2 y dimension, a...

[BSA-092] Security Update for pidgin

intrigeri uploaded new packages for pidgin which fixed the following security problems: CVE-2013-6477 Jaime Breva Ribes discovered that a remote XMPP user can trigger a crash by sending a message with a timestamp in the distant future. CVE-2013-6478 Pidgin could be crashed through overly wide...

PHP 5.5.x < 5.5.9 GD Extension Multiple Vulnerabilities

Binary data 8125.prm...

Debian Security Advisory DSA 2858-1 (iceweasel - several vulnerabilities)

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, too-verbose error messages and missing permission checks may lead to the execution of arbitrary code, the bypass of security checks or...

DSA-2858-1 iceweasel - several

Bulletin has no description...

CVE-2013-6477

Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service application crash via a crafted timestamp value in an XMPP message...

CVE-2013-6477

Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service application crash via a crafted timestamp value in an XMPP message...

CVE-2013-6477

Pidgin/libpurple prior to version 2.10.8 is vulnerable to a denial of service via a crafted timestamp in an XMPP message, caused by multiple integer signedness errors in the codepath handling XMPP timestamps. The issue is explicitly identified as CVE-2013-6477. Connected advisories show that the ...