Microsoft .NET Framework Elevation of Privilege Vulnerability (CNVD-2015-05324)

Microsoft .NET Framework is a comprehensive and consistent programming model developed by Microsoft Corporation USA and a development platform for building Windows, Windows Store, Windows Phone, Windows Server and Microsoft Azure Windows Store, Windows Phone, Windows Server, and Microsoft Azure...

Microsoft .NET Framework Elevation of Privilege Vulnerability (CNVD-2015-05325)

Microsoft .NET Framework is a comprehensive and consistent programming model developed by Microsoft Corporation USA and a development platform for building Windows, Windows Store, Windows Phone, Windows Server and Microsoft Azure Windows Store, Windows Phone, Windows Server, and Microsoft Azure...

Debian DSA-3333-1 : iceweasel - security update

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, integer overflows, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, bypass of the same-origin...

OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378)

It was discovered that the JNDI component in OpenJDK did not handle DNS resolution errors correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution...

[SECURITY] [DSA 3333-1] iceweasel security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3333-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 12, 2015 https://www.debian.org/security/faq -...

Debian Security Advisory DSA 3333-1 (iceweasel - security update)

Multiple security issues have been found in Iceweasel, Debian OpenVAS Vulnerability Test $Id: deb3333.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3333-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2015 Greenbone Networks Gm...

PHP 5.5.x < 5.5.28 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.5.x prior to 5.5.28. It is, therefore, affected by multiple vulnerabilities : - Multiple use-after-free errors exist in splarray.c, splobserver.c, and spldllist.c due to improper sanitization of input to the...

Adobe AIR <= 18.0.0.180 Multiple Vulnerabilities (APSB15-19)

According to its version, the installation of Adobe AIR on the remote Windows host is equal or prior to 18.0.0.180. It is, therefore, affected by multiple vulnerabilities : - Multiple type confusion errors exist that allow an attacker to execute arbitrary code. CVE-2015-5554, CVE-2015-5555,...

Adobe Flash Player <= 18.0.0.209 Multiple Vulnerabilities (APSB15-19)

The version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 18.0.0.209. It is, therefore, affected by the following vulnerabilities : - Multiple type confusion errors exist that allow an attacker to execute arbitrary code. CVE-2015-5554, CVE-2015-5555,...

Debian DSA-3324-1 : icedove - security update (Logjam)

Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: multiple memory safety errors, use-after-frees and other implementation errors may lead to the execution of arbitrary code or denial of service. This update also addresses a vulnerability...

Debian Security Advisory DSA 3324-1 (icedove - security update)

Multiple security issues have been found in Icedove, Debian OpenVAS Vulnerability Test $Id: deb3324.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3324-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2015 Greenbone Networks GmbH...

DSA-3324-1 icedove - security update

Bulletin has no description...

OracleVM 3.3 : libxml2 (OVMSA-2015-0097)

The remote OracleVM system is missing necessary patches to address critical security updates : - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball - CVE-2015-1819 Enforce the reader to run in constant memoryrhbz1214163 - Stop parsing on entities...

Debian: Security Advisory (DSA-3324-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OracleVM 3.3 : bind (OVMSA-2015-0105)

The remote OracleVM system is missing necessary patches to address critical security updates : - Fix CVE-2015-5477 - Fix CVE-2015-4620 - Resolves: 1215687 - DNS resolution failure in high load environment with SERVFAIL and 'out of memory/success' in the log - Fix CVE-2015-1349 - Enable RPZ-NSIP a...

Oracle Linux 6 : freeradius (ELSA-2015-1287)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-1287 advisory. 2.2.6-4 - Move OpenSSL init out of version check Resolves: Bug1189394 radiusd segfaults after update - Comment-out ippool-dhcp.conf inclusion Resolves: Bug11893...

freeradius security, bug fix, and enhancement update

2.2.6-4 - Move OpenSSL init out of version check Resolves: Bug1189394 radiusd segfaults after update - Comment-out ippool-dhcp.conf inclusion Resolves: Bug1189386 radiusd fails to start after 'clean' installation 2.2.6-3 - Disable OpenSSL version check Resolves: Bug1189011 2.2.6-2 - Fix a number ...

Adobe AIR < 17.0.0.172 Multiple Vulnerabilities (APSB15-06)

Binary data 8834.prm...

OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378)

It was discovered that the JNDI component in OpenJDK did not handle DNS resolution errors correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution...

OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378)

It was discovered that the JNDI component in OpenJDK did not handle DNS resolution errors correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution...