Debian Security Advisory DSA 2716-1 (iceweasel - several vulnerabilities)

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, use-after-free vulnerabilities, missing permission checks, incorrect memory handling and other implementation errors may lead to the execution of arbitrary...

Firefox ESR 17.x < 17.0.7 Multiple Vulnerabilities

The installed version of Firefox ESR 17.x is earlier than 17.0.7, and is, therefore, potentially affected by the following vulnerabilities : - Various, unspecified memory safety issues exist. CVE-2013-1682 - Heap-use-after-free errors exist related to 'LookupMediaElementURITable',...

Mozilla Thunderbird ESR 17.x < 17.0.7 Multiple Vulnerabilities

The installed version of Thunderbird ESR 17.x is earlier than 17.0.7 and is, therefore, potentially affected the following vulnerabilities: - Various, unspecified memory safety issues exist. CVE-2013-1682 - Heap-use-after-free errors exist related to 'LookupMediaElementURITable',...

Mozilla Thunderbird < 17.0.7 Multiple Vulnerabilities

The installed version of Thunderbird is a version prior to 17.0.7 and is, therefore, potentially affected by the following vulnerabilities : - Various, unspecified memory safety issues exist. CVE-2013-1682, CVE-2013-1683 - Heap-use-after-free errors exist related to 'LookupMediaElementURITable',...

Oracle Java SE Multiple Vulnerabilities -05 June 13 (Windows)

This host is installed with Oracle Java SE and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboraclejavasemultvuln05jun13win.nasl 7699 2017-11-08 12:10:34Z santu $ Oracle Java SE Multiple Vulnerabilities -05 June 13 Windows Authors: Thanga Prakash S Copyright: Copyright c...

CentOS Update for java CESA-2013:0958 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Java SE Multiple Vulnerabilities -01 June 13 (Windows)

This host is installed with Oracle Java SE and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboraclejavasemultvuln01jun13win.nasl 7699 2017-11-08 12:10:34Z santu $ Oracle Java SE Multiple Vulnerabilities -01 June 13 Windows Authors: Thanga Prakash S Copyright: Copyright c...

RedHat Update for java-1.7.0-openjdk RHSA-2013:0958-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OpenJDK: Better handling of memory allocation errors (Hotspot, 7158805)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Hotspot. NOTE: the previous...

java security update

CentOS Errata and Security Advisory CESA-2013:0957 Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring Syste...

Critical: Red Hat Security Advisory: java-1.7.0-openjdk security update

Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Hotspot. NOTE: the previous...

CVE-2013-2445

CVE-2013-2445 is an unspecified vulnerability in the Java Runtime Environment (JRE)/Hotspot affecting availability via unknown vectors, with a note that it may bypass the Java sandbox through memory allocation error handling. Publicly listed affected products include Oracle Java SE 7 Update 21 an...

CVE-2013-2445

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Hotspot. NOTE: the previous...

Framework: Information (internal server information, classpath, local working directories, session IDs) disclosure

VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language EL, evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via a 1 name attribute in a a spring:hasBindErrors ta...

CVE-2013-2445

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Hotspot. NOTE: the previous...

Syslog Server 1.2.3 Denial Of Service

!/usr/bin/python Exploit Title: Syslog Server 1.2.3 Date: 12th June 2013 Exploit Author: npn Exploit Author Homepage: http://www.iodigitalsec.com/ Vendor Homepage: http://sourceforge.net/users/ghuysmans Software Link: http://download.cnet.com/Syslog-Server/3000-20854-75868875.html Version: 1.2.3...

Syslog Server 1.2.3 - Crash PoC

Exploit for windows platform in category dos / poc This software suffers validation errors throughout the basic protocol implementation making it possible to cause overflows, type mismatches and so on. Here is a type mismatch crash: echo "pwn"|nc -u 192.168.200.20 514 0day.today 2018-04-05...

Syslog Server 1.2.3 - Crash (PoC)

Syslog Server 1.2.3 - Crash PoC !/usr/bin/python Exploit Title: Syslog Server 1.2.3 Date: 12th June 2013 Exploit Author: npn Exploit Author Homepage: http://www.iodigitalsec.com/ Vendor Homepage: http://sourceforge.net/users/ghuysmans Software Link:...

Syslog Server 1.2.3 - Crash (PoC)

!/usr/bin/python Exploit Title: Syslog Server 1.2.3 Date: 12th June 2013 Exploit Author: npn Exploit Author Homepage: http://www.iodigitalsec.com/ Vendor Homepage: http://sourceforge.net/users/ghuysmans Software Link: http://download.cnet.com/Syslog-Server/3000-20854-75868875.html Version: 1.2.3...