DSA-3559-1 iceweasel - security update

Bulletin has no description...

Debian Security Advisory DSA 3559-1 (iceweasel - security update)

Multiple security issues have been found in Iceweasel, Debian OpenVAS Vulnerability Test $Id: deb3559.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3559-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2016 Greenbone Networks Gm...

Debian: Security Advisory (DSA-3559-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the Internet Explorer browser, which allows a hacker to elevate their privileges

The vulnerability of the Internet Explorer browser is related to errors during the loading of DLLs. Exploiting this vulnerability can allow an attacker, operating locally, to increase their privileges through a specially created application...

The vulnerability of the PostgreSQL database management system allows attackers to circumvent existing access restrictions.

The vulnerability of the PostgreSQL database management system is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to circumvent existing access restrictions by using a session that executes queries from more than one role...

The vulnerability of Microsoft Edge browser allows a hacker to bypass existing access restrictions policies.

The vulnerability of Microsoft Edge is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to bypass existing access control policies...

The vulnerability of Microsoft Edge browser allows a hacker to bypass existing access restrictions policies.

The vulnerability of Microsoft Edge is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to bypass existing access control policies...

CVE-2016-4062

Foxit Reader and PhantomPDF before 7.3.4 on Windows improperly report format errors recursively, which allows remote attackers to cause a denial of service application hang via a crafted PDF...

OpenSSH < 6.9 Multiple Vulnerabilities

Binary data 9308.prm...

CVE-2016-2390

The FwdState::connectedToPeer method in FwdState.cc in Squid before 3.5.14 and 4.0.x before 4.0.6 does not properly handle SSL handshake errors when built with the --with-openssl option, which allows remote attackers to cause a denial of service application crash via a plaintext HTTP message...

CVE-2016-2390

The FwdState::connectedToPeer method in FwdState.cc in Squid before 3.5.14 and 4.0.x before 4.0.6 does not properly handle SSL handshake errors when built with the --with-openssl option, which allows remote attackers to cause a denial of service application crash via a plaintext HTTP message...

The vulnerability of the Flash Player software allows a perpetrator to trigger a service failure or execute arbitrary code.

The vulnerability of the Flash Player software is related to errors in its code. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code resulting in the termination of the application...

The vulnerability of the microprogramming software of the Cisco TelePresence Server allows a intruder to trigger a service failure.

The vulnerability of the microprogramming software of the Cisco TelePresence Server device is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service failures such as memory consumption or device restarting through a specially crafted HTTP...

The vulnerability of the microprogramming software of the Cisco TelePresence Server allows a intruder to trigger a service failure.

The vulnerability of the kernel of microprogramming software in Cisco TelePresence Server devices is related to resource management errors. Exploiting this vulnerability could allow a malicious actor to cause service failures by sending specially crafted IPv6 packets...

The vulnerability of the Firefox browser, which allows a hacker to execute arbitrary code

The vulnerability of Firefox browsers is related to errors in the storage of properties of decompressed objects. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely, using specially crafted JavaScript variables...

Foxit Reader < 7.3.4 Multiple Vulnerabilities

The version of Foxit Reader installed on the remote Windows host is prior to 7.3.4. It is, therefore, affected by multiple vulnerabilities : - A use-after-free error exists that is triggered when handling FlateDecode streams. An unauthenticated, remote attacker can exploit this, via a crafted PDF...

The vulnerability of the Cisco IOS operating system, which allows a intruder to trigger a service failure

The vulnerability of the Cisco IOS operating system’s Smart Install client implementation is related to resource management errors. Exploiting this vulnerability allows a malicious actor to trigger a service failure device reboot through the list of image parameters created by the Smart Install...

V8 browser engine vulnerability, which allows a hacker to trigger a service failure or cause other effects

The multiple vulnerabilities in the V8 browser kernel are associated with code errors. Exploitation of these vulnerabilities may allow a remote attacker to cause system failures or potentially have other adverse effects...

The vulnerability of the Safari browser, which allows a hacker to replace the user interface

The vulnerability of Safari browser is related to incorrect data processing. Exploiting this vulnerability allows a malicious actor to replace the user interface through a web page that replaces the actual text...

The vulnerability of the Android operating system allows a hacker to replace the server

The vulnerability of the caching function in the TrustManagerImpl class TrustManagerImpl.java of the Conscrypt component in the Android operating system is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor to replace servers by accessing...