Debian Security Advisory DSA 3123-1 (binutils - security update)

Multiple security issues have been found in binutils, a toolbox for binary file manipulation. These vulnerabilities include multiple memory safety errors, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, the bypass of security...

Mandriva Linux Security Advisory : unzip (MDVSA-2015:016)

Updated unzip package fix security vulnerabilities : The unzip command line tool is affected by heap-based buffer overflows within the CRC32 verification CVE-2014-8139, the testcompreb CVE-2014-8140 and the getZip64Data CVE-2014-8141 functions. The input errors may result in in arbitrary code...

Creative Software AutoUpdate Engine CTSUEng.ocx ActiveX Control Buffer Overflow (CVE-2008-0955)

A remote code execution vulnerability has been reported inCreative Software AutoUpdate Engine. The vulnerability is due to boundary errors within the AutoUpdate Engine ActiveX control CTSUEng.ocx. A remote attacker can exploit this vulnerability by enticing a user to open a malicious web page...

WordPress plugin Frontend Uploader 'errors' parameter cross-site scripting vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the Frontend Uploader 'errors' parameter of the WordPress plugin because it...

Adobe Shockwave Player <= 11.5.9.615 (APSB11-01) (Mac OS X)

The remote Mac OS X host contains a version of Adobe Shockwave Player that is 11.5.9.615 or earlier. It is, therefore, affected by multiple vulnerabilities : - Several unspecified errors exist in the 'dirapi.dll' module that allow arbitrary code execution. CVE-2010-2587, CVE-2010-2588,...

MGASA-2014-0541 Updated ntp packages fix security vulnerabilities

Updated ntp packages fix security vulnerabilities: If no authentication key is defined in the ntp.conf file, a cryptographically-weak default key is generated CVE-2014-9293. ntp-keygen before 4.2.7p230 uses a non-cryptographic random number generator with a weak seed to generate symmetric keys...

Adobe Reader Multiple Vulnerabilities-01 (Dec 2014) - Windows

Adobe Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobatreader";...

Adobe Acrobat Multiple Vulnerabilities-01 (Dec 2014) - Windows

Adobe Acrobat is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobat"; ifdescription...

Adobe Reader Multiple Vulnerabilities-01 (Dec 2014) - Mac OS X

Adobe Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobatreader";...

[USN-2435-1] Graphviz vulnerability

========================================================================== Ubuntu Security Notice USN-2435-1 December 09, 2014 graphviz vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

Adobe Reader < 10.1.13 / 11.0.10 Multiple Vulnerabilities (APSB14-28) (Mac OS X)

The version of Adobe Reader installed on the remote host is a version prior to 10.1.13 / 11.0.10. It is, therefore, affected by the following vulnerabilities : - Memory corruption errors exist that allow arbitrary code execution. CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456,...

Adobe Reader < 10.1.13 / 11.0.10 Multiple Vulnerabilities (APSB14-28)

The version of Adobe Reader installed on the remote host is a version prior to 10.1.13 / 11.0.10. It is, therefore, affected by the following vulnerabilities : - Memory corruption errors exist that allow arbitrary code execution. CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456,...

Adobe Acrobat < 10.1.13 / 11.0.10 Multiple Vulnerabilities (APSB14-28)

The version of Adobe Acrobat installed on the remote host is a version prior to 10.1.13 / 11.0.10. It is, therefore, affected by the following vulnerabilities : - Memory corruption errors exist that allow arbitrary code execution. CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456,...

Adobe Acrobat < 10.1.13 / 11.0.10 Multiple Vulnerabilities (APSB14-28) (Mac OS X)

The version of Adobe Acrobat installed on the remote host is a version prior to 10.1.13 / 11.0.10. It is, therefore, affected by the following vulnerabilities : - Memory corruption errors exist that allow arbitrary code execution. CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456,...

USN-2435-1 graphviz vulnerability

It was discovered that graphviz incorrectly handled parsing errors. An attacker could use this issue to cause graphviz to crash or possibly execute arbitrary code...

USN-2435-1: Graphviz vulnerability

It was discovered that graphviz incorrectly handled parsing errors. An attacker could use this issue to cause graphviz to crash or possibly execute arbitrary code...

Ubuntu 14.04 LTS : Graphviz vulnerability (USN-2435-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2435-1 advisory. It was discovered that graphviz incorrectly handled parsing errors. An attacker could use this issue to cause graphviz to crash or possibly execute arbitrary code...

CVE-2014-9029

Multiple off-by-one errors in the 1 jpcdeccpsetfromcox and 2 jpcdeccpsetfromrgn functions in jpc/jpcdec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow...

[SECURITY] [DSA 3092-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3092-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 07, 2014 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 3090-1 (iceweasel - security update)

Multiple security issues have been found in Iceweasel, Debian OpenVAS Vulnerability Test $Id: deb3090.nasl 6735 2017-07-17 09:56:49Z teissa $ Auto-generated from advisory DSA 3090-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2014 Greenbone Networks GmbH...