Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Search API module 7.x-1.x before 7.x-1.1 for Drupal, when supporting manual entry of field identifiers, allow remote attackers to inject arbitrary web script or HTML via vectors related to thrown exceptions and logging errors...

Google Chrome < 20.0.1132.43 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 20.0.1132.43 and is, therefore, affected by the following vulnerabilities : - An error exists related to the loading of the 'metro' DLL. CVE-2012-2764 - An error exists related to the leaking of iframe fragment id...

CVE-2012-2712

Multiple cross-site scripting XSS vulnerabilities in the Search API module 7.x-1.x before 7.x-1.1 for Drupal, when supporting manual entry of field identifiers, allow remote attackers to inject arbitrary web script or HTML via vectors related to thrown exceptions and logging errors...

CVE-2011-1477

Multiple array index errors in sound/oss/opl3.c in the Linux kernel before 2.6.39 allow local users to cause a denial of service heap memory corruption or possibly gain privileges by leveraging write access to /dev/sequencer...

Memory corruption

Multiple array index errors in sound/oss/opl3.c in the Linux kernel before 2.6.39 allow local users to cause a denial of service heap memory corruption or possibly gain privileges by leveraging write access to /dev/sequencer...

CVE-2011-1477

Multiple array index errors in sound/oss/opl3.c in the Linux kernel before 2.6.39 allow local users to cause a denial of service heap memory corruption or possibly gain privileges by leveraging write access to /dev/sequencer...

PT-2012-1526 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.39 Description: The issue is related to multiple array index errors in the sound/oss/opl3.c file of the Linux kernel. This can be exploited by local users to cause a denial of service, resulting in heap memo...

RHEL 6 : nss, nss-util, and nspr (RHSA-2012:0973)

Updated nss, nss-util, and nspr packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Network Security Services NSS is a set of...

PHP 5.4.x < 5.4.4 Multiple Vulnerabilities

According to its banner, the version of PHP installed on the remote host is 5.4.x earlier than 5.4.4, and as such is potentially affected the following vulnerabilities : - An integer overflow error exists in the function 'pharparsetarfile' in the file 'ext/phar/tar.c'. This error can lead to a...

Mozilla Thunderbird 10.0.x < 10.0.5 Multiple Vulnerabilities

The installed version of Thunderbird 10.0.x is potentially affected by the following security issues : - An error exists in the ASN.1 decoder when handling zero length items that can lead to application crashes. CVE-2012-0441 - Multiple memory corruption errors exist. CVE-2012-1937, CVE-2012-1939...

Mozilla Thunderbird 12.x < 12 Multiple Vulnerabilities

Binary data 801240.prm...

Firefox < 13.0 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox is earlier than 13.0 and thus, is potentially affected by the following security issues : - An error exists in the ASN.1 decoder when handling zero length items that can lead to application crashes. CVE-2012-0441 - Two heap-based buffer overflows and one heap-base...

RedHat Update for webkitgtk RHSA-2011:0177-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

mozilla -- multiple vulnerabilities

The Mozilla Project reports: MFSA 2012-34 Miscellaneous memory safety hazards rv:13.0/ rv:10.0.5 MFSA 2012-36 Content Security Policy inline-script bypass MFSA 2012-37 Information disclosure though Windows file shares and shortcut files MFSA 2012-38 Use-after-free while replacing/inserting a node...

Google Chrome < 19.0.1084.52 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 19.0.1084.52 and is, therefore, affected by the following vulnerabilities : - An error exists in the v8 JavaScript engine that can cause application crashes during garbage collection. CVE-2011-3103 - An out-of-bounds read...

Google Chrome < 19.0.1084.52 Multiple Vulnerabilities

Binary data 6490.pasl...

Wireshark 1.6.x < 1.6.8 Multiple Denial of Service Vulnerabilities

The installed version of Wireshark is 1.6.x before 1.6.8. This version is affected by the following vulnerabilities : - Input validation errors exist in the dissectors for ANSI MAP, ASF, BACapp, Bluetooth HCI, IEEE 802.11, IEEE 802.3, LTP, and R3 that can allow specially crafted packets to cause...

bind-dyndb-ldap: Bind DoS (named hang) by processing DNS query for zone served by bind-dyndb-ldap

The handleconnectionerror function in ldaphelper.c in bind-dyndb-ldap before 1.1.0rc1 does not properly handle LDAP query errors, which allows remote attackers to cause a denial of service infinite loop and named server hang via a non-alphabet character in the base DN in an LDAP search DNS query...

Google Chrome < 19.0.1084.46 Multiple Vulnerabilities

Binary data 800898.prm...

Google Chrome < 19.0.1084.46 Multiple Vulnerabilities

Binary data 6487.pasl...