Firefox 10.0.x < 10.0.7 Multiple Vulnerabilities

The installed version of Firefox 10.0.x is potentially affected by the following security issues : - Unspecified memory safety issues exist. CVE-2012-1970 - Multiple use-after-free errors exist. CVE-2012-1972, CVE-2012-1973, CVE-2012-1974, CVE-2012-1975, CVE-2012-1976, CVE-2012-3956, CVE-2012-395...

CVE-2011-5123

The Antivirus component in Comodo Internet Security before 5.3.175888.1227 does not check whether X.509 certificates in signed executable files have been revoked, which has unknown impact and remote attack vectors...

ImageMagick < 6.7.5-8 Multiple Vulnerabilities

The remote Windows host is running a version of ImageMagick earlier than 6.7.5-8 and is, therefore, affected by the following vulnerabilities : - The fix for CVE-2012-0247 was incomplete. An integer overflow error still exists and can lead to corrupted memory and arbitrary code execution when...

Stolen Certificates Found in Malware Possibly Targeting Tibetan Groups

The recent trend of attackers using stolen digital certificates to make their malicious executables look legitimate is continuing unabated, with researchers now having come across a series of variants of the Etchfro Trojan that are using certificates taken from several companies and issued by...

Adobe Reader Multiple Vulnerabilities (Apr 2012) - Linux

Adobe Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobatreader";...

Fedora Update for perl-PAR-Packer FEDORA-2011-16856

Check for the Version of perl-PAR-Packer OpenVAS Vulnerability Test Fedora Update for perl-PAR-Packer FEDORA-2011-16856 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

ALFTP may insecurely load executable files

Overview ALFTP may use unsafe methods for determining how to load executables. ALFTP provided by ESTsoft Corp. is a FTP client software with the built in FTP server. ALFTP contains an issue when loading files. For example, if an user tries to open README a file without extention which exists in t...

Fedora Update for perl-PAR-Packer FEDORA-2011-16859

Check for the Version of perl-PAR-Packer OpenVAS Vulnerability Test Fedora Update for perl-PAR-Packer FEDORA-2011-16859 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

[SECURITY] Fedora 16 Update: perl-PAR-Packer-1.010-3.fc16

This module implements the App::Packer::Backend interface, for generating stand-alone executables, perl scripts and PAR files...

.jar not treated as executable in Firefox 3.6 on Mac — Mozilla

Part of the fix for MFSA 2011-40, reported by Mariusz Mlynski, was to treat .jar files as executables. This is necessary because Java treats downloaded .jar files as fully-featured "Applications" rather than restricting them to the limited privileges of in-browser "Applets". The fix taken in...

[USN-1308-1] bzip2 vulnerability

========================================================================== Ubuntu Security Notice USN-1308-1 December 14, 2011 bzip2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

Ubuntu Update for bzip2 USN-1308-1

Ubuntu Update for Linux kernel vulnerabilities USN-1308-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13081.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for bzip2 USN-1308-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...

Ubuntu: Security Advisory (USN-1308-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1308-1: bzip2 vulnerability

vladz discovered that executables compressed by bzexe insecurely create temporary files when they are ran. A local attacker could exploit this issue to execute arbitrary code as the user running a compressed executable...

CVE-2011-4089

The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory...

JVN#62336482: FFFTP may insecurely load executable files

FFFTP loads certain executables when using certain functions. FFFTP contains an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code with the privilege of the running application. Solution Update the software Update to the latest...

XnView may insecurely load executable files

Overview XnView may use unsafe methods for determining how to load executables .exe XnView is a software for viewing and converting graphic files. XnView loads certain executables when using the "Open containing folder" function. XnView contains an issue with the file search path, which may...

JVN#17844633: XnView may insecurely load executable files

XnView is a software for viewing and converting graphic files. XnView loads certain executables when using the "Open containing folder" function. XnView contains an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code with the...

SAMHAIN v2.8.5 - intrusion detection system

SAMHAIN v2.8.5 - intrusion detection system The samhain open source host-based intrusion detection system HIDS provides file integrity checking and logfile monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. It has been...

Google to Add Warnings About Malicious Executables to Chrome

Google is testing a new feature in its Chrome browser that will warn users when they attempt to download a potentially malicious executable file. The feature is an extension of the existing Web-based security mechanisms the company has integrated into Chrome and the Safe Browsing API and will be...