CVE-2014-0983

Multiple array index errors in programs that are automatically generated by VBox/HostServices/SharedOpenGL/crserverlib/serverdispatch.py in Oracle VirtualBox 4.2.x through 4.2.20 and 4.3.x before 4.3.8, when using 3D Acceleration, allow local guest OS users to execute arbitrary code on the Chromi...

CVE-2014-0983

Multiple array index errors in programs that are automatically generated by VBox/HostServices/SharedOpenGL/crserverlib/serverdispatch.py in Oracle VirtualBox 4.2.x through 4.2.20 and 4.3.x before 4.3.8, when using 3D Acceleration, allow local guest OS users to execute arbitrary code on the Chromi...

CVE-2014-0983

CVE-2014-0983 affects Oracle VirtualBox 4.2.x (through 4.2.20) and 4.3.x (before 4.3.8). It describes multiple array-index errors in VBox’s generated OpenGL/SharedOpenGL server code (server_dispatch.py) that, when 3D acceleration is enabled, permit local guest OS users to execute arbitrary code o...

Mozilla Thunderbird Multiple Vulnerabilities-01 (Mar 2014) - Windows

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

Mozilla Firefox Multiple Vulnerabilities-01 (Mar 2014) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

CVE-2014-2386

Multiple off-by-one errors in Icinga, possibly 1.10.2 and earlier, allow remote attackers to cause a denial of service crash via unspecified vectors to the 1 displaynavtable, 2 printexportlink, 3 pagenumselector, or 4 pagelimitselector function in cgi/cgiutils.c or 5 statuspagenumselector functio...

Stack overflow

Multiple off-by-one errors in Icinga, possibly 1.10.2 and earlier, allow remote attackers to cause a denial of service crash via unspecified vectors to the 1 displaynavtable, 2 printexportlink, 3 pagenumselector, or 4 pagelimitselector function in cgi/cgiutils.c or 5 statuspagenumselector functio...

CVE-2014-2386

Removed by vendor...

CVE-2014-2386

CVE-2014-2386 affects the Icinga monitoring system. The connected documents confirm multiple off-by-one/buffer overflow issues in the CGI helpers, specifically in files cgi/cgiutils.c (display_nav_table, print_export_link, page_num_selector, page_limit_selector) and cgi/status.c (status_page_num_...

kernel: vhost-net: insufficient handling of error conditions in get_rx_bufs()

The getrxbufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise Linux RHEL 6 does not properly handle vhostgetvqdesc errors, which allows guest OS users to cause a denial of service host OS crash via unspecified...

Debian DSA-2881-1 : iceweasel - security update

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrary code, information disclosure, denial of service...

Debian Security Advisory DSA 2881-1 (iceweasel - security update)

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrary code, information disclosure, denial of service...

[Lynis 1.4.6] Security and System Auditing Tool to Harden Linux Systems

Lynis is an auditing tool for Unix/Linux. It performs a security scan and determines the hardening state of the machine. Any detected security issues will be provided in the form of a suggestion or warning. Beside security related information it will also scan for general system information,...

Ubuntu Update for linux-lts-quantal USN-2135-1

Check for the Version of linux-lts-quantal OpenVAS Vulnerability Test $Id: gbubuntuUSN21351.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for linux-lts-quantal USN-2135-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This...

Ubuntu: Security Advisory (USN-2138-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Google Chrome < 33.0.1750.149 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is a version prior to 33.0.1750.149. It is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to 'speech' and 'web database' processing. CVE-2014-1700, CVE-2014-1702 - An input validation error...

DEBIAN-CVE-2014-0092

lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate...

Google Chrome < 33.0.1750.146 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is a version prior to 33.0.1750.146. It is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to handling SVG images and speech recognition processing. CVE-2013-6663, CVE-2013-6664 - An error exis...

Google Chrome < 33.0.1750.146 Multiple Vulnerabilities (Mac OS X)

The version of Google Chrome installed on the remote Mac OS X host is a version prior to 33.0.1750.146. It is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to handling SVG images and speech recognition processing. CVE-2013-6663, CVE-2013-6664 - An...

gnutls: incorrect error handling in certificate verification (GNUTLS-SA-2014-2)

lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate...