Adobe Shockwave Player <= 11.5.9.615 (APSB11-01) (Mac OS X)

The remote Mac OS X host contains a version of Adobe Shockwave Player that is 11.5.9.615 or earlier. It is, therefore, affected by multiple vulnerabilities : - Several unspecified errors exist in the 'dirapi.dll' module that allow arbitrary code execution. CVE-2010-2587, CVE-2010-2588,...

MGASA-2014-0541 Updated ntp packages fix security vulnerabilities

Updated ntp packages fix security vulnerabilities: If no authentication key is defined in the ntp.conf file, a cryptographically-weak default key is generated CVE-2014-9293. ntp-keygen before 4.2.7p230 uses a non-cryptographic random number generator with a weak seed to generate symmetric keys...

Adobe Acrobat Multiple Vulnerabilities-01 (Dec 2014) - Windows

Adobe Acrobat is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobat"; ifdescription...

Adobe Reader Multiple Vulnerabilities-01 (Dec 2014) - Windows

Adobe Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobatreader";...

[USN-2435-1] Graphviz vulnerability

========================================================================== Ubuntu Security Notice USN-2435-1 December 09, 2014 graphviz vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

Adobe Reader Multiple Vulnerabilities-01 (Dec 2014) - Mac OS X

Adobe Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobatreader";...

Adobe Reader < 10.1.13 / 11.0.10 Multiple Vulnerabilities (APSB14-28) (Mac OS X)

The version of Adobe Reader installed on the remote host is a version prior to 10.1.13 / 11.0.10. It is, therefore, affected by the following vulnerabilities : - Memory corruption errors exist that allow arbitrary code execution. CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456,...

Adobe Reader < 10.1.13 / 11.0.10 Multiple Vulnerabilities (APSB14-28)

The version of Adobe Reader installed on the remote host is a version prior to 10.1.13 / 11.0.10. It is, therefore, affected by the following vulnerabilities : - Memory corruption errors exist that allow arbitrary code execution. CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456,...

Adobe Acrobat < 10.1.13 / 11.0.10 Multiple Vulnerabilities (APSB14-28)

The version of Adobe Acrobat installed on the remote host is a version prior to 10.1.13 / 11.0.10. It is, therefore, affected by the following vulnerabilities : - Memory corruption errors exist that allow arbitrary code execution. CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456,...

Adobe Acrobat < 10.1.13 / 11.0.10 Multiple Vulnerabilities (APSB14-28) (Mac OS X)

The version of Adobe Acrobat installed on the remote host is a version prior to 10.1.13 / 11.0.10. It is, therefore, affected by the following vulnerabilities : - Memory corruption errors exist that allow arbitrary code execution. CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456,...

USN-2435-1 graphviz vulnerability

It was discovered that graphviz incorrectly handled parsing errors. An attacker could use this issue to cause graphviz to crash or possibly execute arbitrary code...

USN-2435-1: Graphviz vulnerability

It was discovered that graphviz incorrectly handled parsing errors. An attacker could use this issue to cause graphviz to crash or possibly execute arbitrary code...

Ubuntu 14.04 LTS : Graphviz vulnerability (USN-2435-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2435-1 advisory. It was discovered that graphviz incorrectly handled parsing errors. An attacker could use this issue to cause graphviz to crash or possibly execute arbitrary code...

CVE-2014-9029

Multiple off-by-one errors in the 1 jpcdeccpsetfromcox and 2 jpcdeccpsetfromrgn functions in jpc/jpcdec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow...

[SECURITY] [DSA 3092-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3092-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 07, 2014 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 3090-1 (iceweasel - security update)

Multiple security issues have been found in Iceweasel, Debian OpenVAS Vulnerability Test $Id: deb3090.nasl 6735 2017-07-17 09:56:49Z teissa $ Auto-generated from advisory DSA 3090-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2014 Greenbone Networks GmbH...

DSA-3090-1 iceweasel - security update

Bulletin has no description...

unzip -- input sanitization errors

oCERT reports: The UnZip tool is an open source extraction utility for archives compressed in the zip format. The unzip command line tool is affected by heap-based buffer overflows within the CRC32 verification, the testcompreb and the getZip64Data functions. The input errors may result in...

mysql: Remote Preauth User Enumeration flaw

Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames...

Fedora 19 : phpMyAdmin-4.2.12-1.fc19 (2014-15535)

phpMyAdmin 4.2.12.0 2014-11-20 ================================ - Blank/white page when JavaScript disabled - Multi row actions cause full page reloads - ReferenceError: targeurl is not defined - Incorrect text/icon display in Tracking report - Recordset return from procedure display nothing - Ed...