OpenSC < 0.12.0 Smart Card Serial Number Multiple Buffer Overflow Vulnerabilities - Windows

OpenSC is prone to multiple buffer overflow vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Java Access Manager And OpenSSO Unspecified Vulnerability

The host is running Access Manager or OpenSSO and is prone to unspecified vulnerability. OpenVAS Vulnerability Test $Id: secpodoraclesamnopenssounspecifiedvuln.nasl 7044 2017-09-01 11:50:59Z teissa $ Oracle Java Access Manager and OpenSSO Unspecified Vulnerability Authors: Antu Sanadi Copyright:...

Cross-site Scripting (XSS) Vulnerabilities in Gollos

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Gollos which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in Gollos 1.1 The vulnerability exists due to input sanitation errors in the "returnurl" paramet...

RedHat Update for openoffice.org and openoffice.org2 RHSA-2011:0181-01

Check for the Version of openoffice.org and openoffice.org2 OpenVAS Vulnerability Test RedHat Update for openoffice.org and openoffice.org2 RHSA-2011:0181-01 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software...

CVE-2010-3454

Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC fi...

CVE-2010-3454

Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC fi...

CVE-2010-3454

OpenOffice.org/OpenOffice.org2/3.x before 3.3 is affected by multiple off-by-one and out-of-bounds write flaws in WW8DopTypography::ReadFromMem (OOo), triggered by crafted Word .DOC typography data. This can cause denial of service or arbitrary code execution. Remediation: apply the patched/OpenO...

Google Chrome multiple vulnerabilities - Jan11 (Linux)

The host is running Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvulnjan11lin.nasl 7052 2017-09-04 11:50:51Z teissa $ Google Chrome Multiple Vulnerabilities - Jan11 Linux Authors: Sooraj KS Copyright: Copyright c 2011 Greenbone Networks...

Fedora 14 : myproxy-5.3-1.fc14 (2011-0514)

Release 5.3 fixes a myproxy-logon security bug in MyProxy versions 5.0-5.2 that disabled server identity verification : The myproxy-logon program in MyProxy versions 5.0 through 5.2 does not enforce the check that the myproxy-server's certificate contains the expected hostname or identity. The...

SuSE 10 Security Update : libxmlrpc (ZYPP Patch Number 6857)

This update of libxmlrpc is not vulnerable anymore to denial of service bugs that can occur while processing malformed XML input. - CVE-2009-3720: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Insufficient Information CWE-noinfo CVE-2009-3560: CVSS v2 Base Score: 5.0 MEDIUM...

RHEL 6 : webkitgtk (RHSA-2011:0177)

Updated webkitgtk packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, ar...

Moderate: Red Hat Security Advisory: webkitgtk security update

Updated webkitgtk packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, ar...

SuSE 10 Security Update : ed (ZYPP Patch Number 7301)

This update fixes a heap-based buffer overflow in ed which can be exploited remotely only with user-assistance. CVE-2008-3916: CVSS v2 Base Score: 9.3 HIGH AV:N/AC:M/Au:N/C:C/I:C/A:C: Buffer Errors. CWE-119 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin i...

Multiple Vulnerabilities in ReOS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in ReOS which could be exploited to perform SQL injection attacks and compromise vulnerable system. 1 SQL injection vulnerabilities in ReOS 1.1 The vulnerability exists due to input sanitation errors in the...

CVE-2011-0491

The torrealloc function in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not validate a certain size value during memory allocation, which might allow remote attackers to cause a denial of service daemon crash via unspecified vectors, related to "underflow errors."...

CVE-2011-0491

The torrealloc function in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not validate a certain size value during memory allocation, which might allow remote attackers to cause a denial of service daemon crash via unspecified vectors, related to "underflow errors."...

Design/Logic Flaw

The torrealloc function in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not validate a certain size value during memory allocation, which might allow remote attackers to cause a denial of service daemon crash via unspecified vectors, related to "underflow errors."...

CVE-2011-0491

CVE-2011-0491 affects Tor up to 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha, where tor_realloc does not validate a size value during memory allocation, potentially causing a denial of service (daemon crash) via underflow in memory handling. Impact is limited to service stability; no explicit remot...

CVE-2011-0491

The torrealloc function in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not validate a certain size value during memory allocation, which might allow remote attackers to cause a denial of service daemon crash via unspecified vectors, related to "underflow errors."...

CVE-2011-0491

The torrealloc function in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not validate a certain size value during memory allocation, which might allow remote attackers to cause a denial of service daemon crash via unspecified vectors, related to "underflow errors."...