DSA-3324-1 icedove - security update

Bulletin has no description...

OracleVM 3.3 : libxml2 (OVMSA-2015-0097)

The remote OracleVM system is missing necessary patches to address critical security updates : - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball - CVE-2015-1819 Enforce the reader to run in constant memoryrhbz1214163 - Stop parsing on entities...

The vulnerability of the Flash Player software platform, which allows a violator to trigger a service failure

The vulnerability of the Flash Player software is related to errors in pointer assignment. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

The vulnerability of the Firefox ESR browser, which allows a hacker to execute arbitrary code

The vulnerability of the PDF.js module for the Firefox ESR browser is related to errors in the code. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely, by circumventing current access restrictions...

OracleVM 3.3 : bind (OVMSA-2015-0105)

The remote OracleVM system is missing necessary patches to address critical security updates : - Fix CVE-2015-5477 - Fix CVE-2015-4620 - Resolves: 1215687 - DNS resolution failure in high load environment with SERVFAIL and 'out of memory/success' in the log - Fix CVE-2015-1349 - Enable RPZ-NSIP a...

Debian: Security Advisory (DSA-3324-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the Flash Player software platform, which allows a violator to trigger a service failure

The vulnerability of the Flash Player software is related to errors in pointer assignment. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

Vulnerabilities in the Google Chrome browser that allow a hacker to trigger a service failure

The multiple vulnerabilities of the Google Chrome browser are related to code errors. Exploiting these vulnerabilities can allow a malicious actor to cause service interruptions remotely...

The vulnerability of the Firefox browser, which allows a hacker to influence the operation of the program

The vulnerability in the nsZipArchive.cpp component, which allows access to arbitrary memory cells of the Firefox browser, is related to errors in the code. Exploiting this vulnerability can allow a remote attacker to influence the operation of the program using a specially crafted ZIP archive...

Oracle Linux 6 : freeradius (ELSA-2015-1287)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-1287 advisory. 2.2.6-4 - Move OpenSSL init out of version check Resolves: Bug1189394 radiusd segfaults after update - Comment-out ippool-dhcp.conf inclusion Resolves: Bug11893...

freeradius security, bug fix, and enhancement update

2.2.6-4 - Move OpenSSL init out of version check Resolves: Bug1189394 radiusd segfaults after update - Comment-out ippool-dhcp.conf inclusion Resolves: Bug1189386 radiusd fails to start after 'clean' installation 2.2.6-3 - Disable OpenSSL version check Resolves: Bug1189011 2.2.6-2 - Fix a number ...

Adobe AIR < 17.0.0.172 Multiple Vulnerabilities (APSB15-06)

Binary data 8834.prm...

The vulnerability of the Internet Explorer browser, which allows a hacker to execute arbitrary code or trigger a service failure.

The vulnerability of the Internet Explorer browser is related to resource management errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause service failures by using a specially crafted website...

OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378)

It was discovered that the JNDI component in OpenJDK did not handle DNS resolution errors correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution...

The vulnerability of the Adobe Reader PDF viewer program allows a hacker to circumvent access restrictions.

The vulnerability of the Adobe Reader PDF viewer program is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor to bypass restrictions on access to the JavaScript API...

The vulnerability of the Adobe Reader PDF viewer program allows a hacker to circumvent access restrictions.

The vulnerability of the Adobe Reader PDF viewer program is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor to bypass restrictions on access to the JavaScript API...

The vulnerability of the Adobe Reader PDF viewer program allows a hacker to circumvent access restrictions.

The vulnerability of the Adobe Reader PDF viewer program is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor to bypass restrictions on access to the JavaScript API...

The vulnerability of the Adobe Reader PDF viewer program allows a hacker to circumvent access restrictions.

The vulnerability of the Adobe Reader PDF viewer program is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor to bypass restrictions on access to the JavaScript API...

The vulnerability of the Adobe Reader PDF viewer program allows a hacker to circumvent access restrictions.

The vulnerability of the Adobe Reader PDF viewer program is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor to bypass restrictions on access to the JavaScript API...

The vulnerability of the Adobe Reader PDF viewer program allows a hacker to circumvent access restrictions.

The vulnerability of the Adobe Reader PDF viewer program is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor to bypass restrictions on access to the JavaScript API...