Debian: Security Advisory (DSA-2955-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2013-2602

Multiple array index errors in the MyHeritage SEQueryObject ActiveX control SearchEngineQuery.dll 1.0.2.0 allow remote attackers to execute arbitrary code via the 1 seTokensArray, or 2 seTokensValuesArray parameter to the AddTokens method; 3 seLastNameTokensArray parameter to the AddLastNameToken...

Security feature bypass

Multiple array index errors in the MyHeritage SEQueryObject ActiveX control SearchEngineQuery.dll 1.0.2.0 allow remote attackers to execute arbitrary code via the 1 seTokensArray, or 2 seTokensValuesArray parameter to the AddTokens method; 3 seLastNameTokensArray parameter to the AddLastNameToken...

CVE-2013-2602

Multiple array index errors in the MyHeritage SEQueryObject ActiveX control SearchEngineQuery.dll 1.0.2.0 allow remote attackers to execute arbitrary code via the 1 seTokensArray, or 2 seTokensValuesArray parameter to the AddTokens method; 3 seLastNameTokensArray parameter to the AddLastNameToken...

GLSA-201406-03 : Fail2ban: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201406-03 Fail2ban: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Fail2ban. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could send a crafted URL to a websi...

CVE-2012-5876

Multiple off-by-one errors in NMMediaServerService.dll in Nero MediaHome 4.5.8.0 and earlier allow remote attackers to cause a denial of service crash via a long string in the 1 request line or 2 HTTP Referer header to TCP port 54444, which triggers a heap-based buffer overflow...

UBUNTU-CVE-2014-0240

The modwsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes...

Patch for Security advisory 2014-05-21 doesn't work in Confluence 3.5.X

h3. Steps to reproduce: Confluence 3.5.13 Installed, booted up Postregres DB Shutdown, applied patch following advisory admin panel not accessible content appears to be missing see errors in the logs: code 2014-05-22 16:28:50,308 ERROR http-8080-1 Standalone.localhost./.action log Servlet.service...

Patch for Security advisory 2014-05-21 doesn't work in Confluence 3.5.X

h3. Steps to reproduce: Confluence 3.5.13 Installed, booted up Postregres DB Shutdown, applied patch following advisory admin panel not accessible content appears to be missing see errors in the logs: code 2014-05-22 16:28:50,308 ERROR http-8080-1 Standalone.localhost./.action log Servlet.service...

Adobe Acrobat Multiple Vulnerabilities - 01 (May 2014) - Mac OS X

Adobe Acrobat is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobat"; ifdescription...

Google Chrome < 35.0.1916.114 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is a version prior to 35.0.1916.114. It is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to 'styles' and 'SVG' handling. CVE-2014-1743, CVE-2014-1745 - An integer overflow error exists relate...

Google Chrome < 35.0.1916.114 Multiple Vulnerabilities (Mac OS X)

The version of Google Chrome installed on the remote Mac OS X host is a version prior to 35.0.1916.114. It is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to 'styles' and 'SVG' handling. CVE-2014-1743, CVE-2014-1745 - An integer overflow error exis...

GLSA-201405-19 : MCrypt: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201405-19 MCrypt: User-assisted execution of arbitrary code Multiple vulnerabilities have been discovered in MCrypt: A boundary error in MCrypt could cause a stack-based buffer overflow CVE-2012-4409. MCrypt contains multiple form...

MCrypt: User-assisted execution of arbitrary code

Background MCrypt is a replacement of the old unix crypt1 utility. Description Multiple vulnerabilities have been discovered in MCrypt: A boundary error in MCrypt could cause a stack-based buffer overflow CVE-2012-4409. MCrypt contains multiple format string errors CVE-2012-4426. MCrypt does not...

Tape Jobs fail with I/O errors or (SCSI) Bus resets

Challenge Failures occur during the File to tape or Backup to tape jobs. The jobname.log shows error messages similar to: error: The request could not be performed because of an I/O device error error: Tape fatal error.\nThe I/O bus was reset Cause Depending on the type of connection, controller ...

PHP 5.5.x < 5.5.9 Multiple Vulnerabilities (May 2014)

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; ifdescription...

[SECURITY] [DSA 2924-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2924-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 05, 2014 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 2924-1 (icedove - security update)

Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client: multiple memory safety errors, buffer overflows, missing permission checks, out of bound reads, use-after-frees and other implementation errors may lead to the execution of...

DSA-2924-1 icedove - security update

Bulletin has no description...

Debian DSA-2918-1 : iceweasel - security update

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows, missing permission checks, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrary code,...