SuSE 11.3 Security Update : unzip (SAT Patch Number 10159)

This update fixes the following security issues : - heap overflow condition in the CRC32 verification. CVE-2014-8139 - write error 8349 shows a problem in extract.c:testcompreb. CVE-2014-8140 - read errors 6430, 3422 show problems in process.c:getZip64Data. CVE-2014-8141 %NASLMINLEVEL 70300 C...

Debian: Security Advisory (DSA-3132-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-3127-1 : iceweasel - security update

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors and implementation errors may lead to the execution of arbitrary code, information leaks or denial of service. %NASLMINLEVEL 70300 C Tenable Network Security,...

[SECURITY] [DSA 3127-1] iceweasel security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3127-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 14, 2015 http://www.debian.org/security/faq -...

DSA-3127-1 iceweasel - security update

Bulletin has no description...

Apache qpid DoS

Multiple asserts...

[SECURITY] [DSA 3123-2] binutils-mingw-w64 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3123-2 [email protected] http://www.debian.org/security/ Thijs Kinkhorst January 13, 2015 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 3127-1 (iceweasel - security update)

Multiple security issues have been found in Iceweasel, Debian OpenVAS Vulnerability Test $Id: deb3127.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3127-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2015 Greenbone Networks Gm...

[SECURITY] [DSA 3123-2] binutils-mingw-w64 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3123-2 [email protected] http://www.debian.org/security/ Thijs Kinkhorst January 13, 2015 http://www.debian.org/security/faq -...

CVE-2014-10024

CVE-2014-10024 involves multiple integer signedness errors in DirectShowDemuxFilter, used by Divx Web Player, Divx Player, and other Divx plugins. The flaw arises when parsing the Stream Format (STRF) chunk in an AVI file, where a negative or excessively large value can trigger a heap-based buffe...

CVE-2014-10024

Multiple integer signedness errors in DirectShowDemuxFilter, as used in Divx Web Player, Divx Player, and other Divx plugins, allow remote attackers to execute arbitrary code via a 1 negative or 2 large value in a Stream Format STRF chunk in an AVI file, which triggers a heap-based buffer overflo...

DSA-3123-2 binutils-mingw-w64 - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3127-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-3123-1 : binutils - security update

Multiple security issues have been found in binutils, a toolbox for binary file manipulation. These vulnerabilities include multiple memory safety errors, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, the bypass of security...

DSA-3123-1 binutils - security update

Bulletin has no description...

Debian Security Advisory DSA 3123-1 (binutils - security update)

Multiple security issues have been found in binutils, a toolbox for binary file manipulation. These vulnerabilities include multiple memory safety errors, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, the bypass of security...

Mandriva Linux Security Advisory : unzip (MDVSA-2015:016)

Updated unzip package fix security vulnerabilities : The unzip command line tool is affected by heap-based buffer overflows within the CRC32 verification CVE-2014-8139, the testcompreb CVE-2014-8140 and the getZip64Data CVE-2014-8141 functions. The input errors may result in in arbitrary code...

Creative Software AutoUpdate Engine CTSUEng.ocx ActiveX Control Buffer Overflow (CVE-2008-0955)

A remote code execution vulnerability has been reported inCreative Software AutoUpdate Engine. The vulnerability is due to boundary errors within the AutoUpdate Engine ActiveX control CTSUEng.ocx. A remote attacker can exploit this vulnerability by enticing a user to open a malicious web page...

WordPress plugin Frontend Uploader 'errors' parameter cross-site scripting vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the Frontend Uploader 'errors' parameter of the WordPress plugin because it...

Adobe Shockwave Player <= 11.5.9.615 (APSB11-01) (Mac OS X)

The remote Mac OS X host contains a version of Adobe Shockwave Player that is 11.5.9.615 or earlier. It is, therefore, affected by multiple vulnerabilities : - Several unspecified errors exist in the 'dirapi.dll' module that allow arbitrary code execution. CVE-2010-2587, CVE-2010-2588,...