Debian Security Advisory DSA 3393-1 (iceweasel - security update)

Multiple security issues have been found in Iceweasel, Debian OpenVAS Vulnerability Test $Id: deb3393.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3393-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2015 Greenbone Networks Gm...

UBUNTU-CVE-2015-8035

The xzdecomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service process hang via crafted XML data...

CVE-2010-3310

Multiple integer signedness errors in net/rose/afrose.c in the Linux kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial of service heap memory corruption or possibly have unspecified other impact via a rosegetname function call, related to the rosebind and roseconnect...

CVE-2007-1522

Double free vulnerability in the session extension in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to execute arbitrary code via illegal characters in a session identifier, which is rejected by an internal session storage module, which calls the session identifier generator with an...

CVE-2007-2176

Unspecified vulnerability in Mozilla Firefox allows remote attackers to execute arbitrary code via unspecified vectors involving Javascript errors. NOTE: this might be the same issue as CVE-2007-2175...

Vulnerabilities in the Google Chrome browser that allow a hacker to trigger a service failure

The multiple vulnerabilities of the Google Chrome browser are related to code errors. Exploiting these vulnerabilities can allow a malicious actor to cause service interruptions remotely...

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure.

The vulnerability of the libANGLE component in the Google Chrome browser is related to errors in the code. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code

The vulnerability of the Flash Player software is related to errors in its code. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted SWF file...

The vulnerability of the Firebird database management system allows a perpetrator to cause a service failure.

The vulnerability of the xdrstatusvector function in the Firebird database management system is related to pointer assignment errors. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the Firebird database management system allows a perpetrator to cause a service failure.

The vulnerability of the TraceManager component in the Firebird database management system is related to resource management errors. Exploiting this vulnerability allows an attacker to cause service failures by generating empty dynamic SQL queries from a remote location...

The vulnerabilities of Adobe Integrated Runtime and Flash Player software allow attackers to compromise information security.

The vulnerability of Adobe Integrated Runtime and Flash Player programs is related to errors in the processing of the Flash broker API. Exploiting this vulnerability can allow a malicious actor to compromise information security remotely...

The vulnerability of the Cisco IOS operating system, which allows a intruder to trigger a service failure

The vulnerability of the Cisco IOS operating system’s RADIUS client implementation is related to resource management errors. Exploiting this vulnerability allows a malicious actor to trigger service interruptions by sending specially crafted messages via the RADIUS protocol...

Vulnerabilities in the Google Chrome browser that allow a hacker to trigger a service failure

The multiple vulnerabilities of the Google V8 browser component in Google Chrome are related to code errors. Exploiting these vulnerabilities could allow a malicious actor to cause service interruptions remotely...

The vulnerability of Google Chrome browser allows a violator to circumvent existing access restrictions policies.

The vulnerability of the Blink component in Google Chrome browser is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor to bypass existing access control policies...

Oracle MySQL Multiple Unspecified Vulnerabilities-02 (Oct 2015) - Windows

Oracle MySQL is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql";...

Oracle MySQL Unspecified Vulnerability-04 (Oct 2015) - Windows

Oracle MySQL is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; ifdescripti...

Samsung fimg2d - FIMG2D_BITBLT_BLIT ioctl Concurrency Flaw

Samsung fimg2d - FIMG2DBITBLTBLIT ioctl Concurrency Flaw Source: https://code.google.com/p/google-security-research/issues/detail?id=492 The Samsung Graphics 2D driver /dev/fimg2d is accessible by unprivileged users/applications. It was found that the ioctl implementation for this driver contains...

Samsung fimg2d - FIMG2D_BITBLT_BLIT ioctl Concurrency Flaw

Source: https://code.google.com/p/google-security-research/issues/detail?id=492 The Samsung Graphics 2D driver /dev/fimg2d is accessible by unprivileged users/applications. It was found that the ioctl implementation for this driver contains a locking error which can lead to memory errors such as...

Oracle MySQL Multiple Unspecified Vulnerabilities-05 (Oct 2015) - Windows

Oracle MySQL is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql";...

DEBIAN-CVE-2015-7298

ownCloud Desktop Client before 2.0.1, when compiled with a Qt release after 5.3.x, does not call QNetworkReply::ignoreSslErrors with the list of errors to be ignored, which makes it easier for remote attackers to conduct man-in-the-middle MITM attacks by leveraging a server using a self-signed...