Adobe Flash Player <= 23.0.0.207 Multiple Vulnerabilities (APSB16-39)

The version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 23.0.0.207. It is, therefore, affected by multiple vulnerabilities : - Multiple use-after-free errors exist that allow an unauthenticated, remote attacker to execute arbitrary code. CVE-2016-7872,...

CVE-2016-9899

Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. This vulnerability affects Firefox 50.1, Firefox ESR 45.6, and Thunderbird 45.6...

Debian DSA-3730-1 : icedove - security update

Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory safety errors, same-origin policy bypass issues, integer overflows, buffer overflows and use-after-frees may lead to the execution of arbitrary code or denial of service...

[SECURITY] [DSA 3730-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3730-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 11, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3730-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3730-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 11, 2016 https://www.debian.org/security/faq -...

ALPINE-CVE-2016-9854

An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...

UBUNTU-CVE-2016-9853

An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...

UBUNTU-CVE-2016-9852

An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...

Debian Security Advisory DSA 3730-1 (icedove - security update)

Multiple security issues have been found in Icedove, Debian OpenVAS Vulnerability Test $Id: deb3730.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3730-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2016 Greenbone Networks GmbH...

Debian: Security Advisory (DSA-3730-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Unbreakable Enterprise kernel security update

2.6.39-400.293.1 - logging errors that get masked to EIO inside drivers/block/loop.c Manjunath Patil Orabug: 21962821 - sched/core: Clear the rootdomain cpumasks in initrootdomain Xunlei Pang Orabug: 23518650 - bio allocation failure due to biogetnrvecs Darrick J. Wong Orabug: 23852442 - mlx4:...

UBUNTU-CVE-2016-9839

In MapServer before 7.0.3, OGR driver error messages are too verbose and may leak sensitive information if data connection fails...

PT-2016-7839 · Mapserver · Mapserver

Name of the Vulnerable Software and Affected Versions: MapServer versions prior to 7.0.3 Description: The issue is related to the OGR driver in MapServer, where error messages are too verbose. This verbosity may lead to the leakage of sensitive information if a data connection fails...

XenMobile Domain users unable to authenticate - LDAP response read timed out, timeout used

If domain users or admins are failing to authenticate to XenMobile, verify if the following error appears in the debug log 2016-04-05T10:25:50.128+0000 | 5EAF1FBBC192FC0D | WARN | http-nio-10080-exec-77 | com.sparus.nps.apple.security.AuthUtils | Forcing LDAP auth: cannot refresh user data:...

Apple OS X Server Multiple Vulnerabilities (Dec 2016)

Apple OS X Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:apple:osxserver";...

Debian DLA-730-1 : firefox-esr security update

Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or bypass of the same-origin policy. A man-in-the-middle attack in the addon update mechanism ha...

[SECURITY] [DLA 730-1] firefox-esr security update

Package : firefox-esr Version : 45.5.1esr-1deb7u1 CVE ID : CVE-2016-5290 CVE-2016-5291 CVE-2016-5296 CVE-2016-5297 CVE-2016-9064 CVE-2016-9066 Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation erro...

MDM enrollment failing for iOS and Android devices, but MAM enrollment works fine

On iOS, the enrollment fails during the second profile installation - The error is "Profile installation failed: profile failed to install" On Android, you see "Access to your company network is not available" Enrolling directly against the Gateway MAM works fine. The server-side logs are showing...

Some Workspace Environment Management security settings are not getting applied

Some WEM-related security settings such as hiding the Run menu or blocking access to system drives are not being applied, and the Agent log throws errors such as these: Exception - VuemEnvironmentalSettingsController.ExecuteEntityPolicySettings : Attempted to perform an unauthorized operation...

CVE-2016-9067

Two use-after-free errors during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox 50...