Adobe Reader < 10.1.13 / 11.0.10 Multiple Vulnerabilities (APSB14-28)

The version of Adobe Reader installed on the remote host is a version prior to 10.1.13 / 11.0.10. It is, therefore, affected by the following vulnerabilities : - Memory corruption errors exist that allow arbitrary code execution. CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456,...

Adobe Acrobat < 10.1.13 / 11.0.10 Multiple Vulnerabilities (APSB14-28)

The version of Adobe Acrobat installed on the remote host is a version prior to 10.1.13 / 11.0.10. It is, therefore, affected by the following vulnerabilities : - Memory corruption errors exist that allow arbitrary code execution. CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456,...

Adobe Acrobat < 10.1.13 / 11.0.10 Multiple Vulnerabilities (APSB14-28) (Mac OS X)

The version of Adobe Acrobat installed on the remote host is a version prior to 10.1.13 / 11.0.10. It is, therefore, affected by the following vulnerabilities : - Memory corruption errors exist that allow arbitrary code execution. CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456,...

USN-2435-1 graphviz vulnerability

It was discovered that graphviz incorrectly handled parsing errors. An attacker could use this issue to cause graphviz to crash or possibly execute arbitrary code...

USN-2435-1: Graphviz vulnerability

It was discovered that graphviz incorrectly handled parsing errors. An attacker could use this issue to cause graphviz to crash or possibly execute arbitrary code...

Ubuntu 14.04 LTS : Graphviz vulnerability (USN-2435-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2435-1 advisory. It was discovered that graphviz incorrectly handled parsing errors. An attacker could use this issue to cause graphviz to crash or possibly execute arbitrary code...

CVE-2014-9029

Multiple off-by-one errors in the 1 jpcdeccpsetfromcox and 2 jpcdeccpsetfromrgn functions in jpc/jpcdec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow...

[SECURITY] [DSA 3092-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3092-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 07, 2014 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 3090-1 (iceweasel - security update)

Multiple security issues have been found in Iceweasel, Debian OpenVAS Vulnerability Test $Id: deb3090.nasl 6735 2017-07-17 09:56:49Z teissa $ Auto-generated from advisory DSA 3090-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2014 Greenbone Networks GmbH...

DSA-3090-1 iceweasel - security update

Bulletin has no description...

unzip -- input sanitization errors

oCERT reports: The UnZip tool is an open source extraction utility for archives compressed in the zip format. The unzip command line tool is affected by heap-based buffer overflows within the CRC32 verification, the testcompreb and the getZip64Data functions. The input errors may result in...

mysql: Remote Preauth User Enumeration flaw

Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames...

Fedora 19 : phpMyAdmin-4.2.12-1.fc19 (2014-15535)

phpMyAdmin 4.2.12.0 2014-11-20 ================================ - Blank/white page when JavaScript disabled - Multi row actions cause full page reloads - ReferenceError: targeurl is not defined - Incorrect text/icon display in Tracking report - Recordset return from procedure display nothing - Ed...

Google Chrome Multiple Vulnerabilities - 01 (Nov 2014) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Medium: libX11, libXcursor, libXfixes, libXi, libXrandr, libXrender, libXres, libXt, libXv, libXvMC, libXxf86dga, libXxf86vm, libdmx, xorg-x11-proto-devel

Issue Overview: Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an X11 server via a malicious X11 client could use either of these flaws t...

Project Zero Patch Tuesday roundup, November 2014

Posted by Chris Evans, Registrar of Bugs It’s been about a week since Patch Tuesday, and the Project Zero reports mentioned in the various advisories are now public. We won’t always be writing a Patch Tuesday roundup, but we often will when we believe there is a sufficiently varied and interestin...

Adobe Flash Player Multiple Vulnerabilities (APSB14-24) - Linux

Adobe Flash Player is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:flashplayer";...

Adobe Flash Player Multiple Vulnerabilities (APSB14-24) - Windows

Adobe Flash Player is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:flashplayer";...

Adobe AIR Multiple Vulnerabilities (APSB14-24) - Mac OS X

Adobe AIR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:flashplayer"; ifdescription...

[SECURITY] [DSA 3050-3] iceweasel security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3050-3 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 12, 2014 http://www.debian.org/security/faq -...