CVE-2011-0065

Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mChannel...

CVE-2011-1684

Heap-based buffer overflow in the MP4ReadBoxskcr function in libmp4.c in the MP4 demultiplexer in VideoLAN VLC media player 1.x before 1.1.9 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted MP4 file...

Memory corruption

The CoolType library in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause ...

Null pointer dereference

The SPICE Firefox plug-in spice-xpi 2.4, 2.3, 2.2, and possibly other versions allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to 1 plugin/nsScriptablePeer.cpp and 2 plugin/plugin.cpp, which trigger multiple uses of an uninitializ...

CVE-2011-1301

Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors...

postgresql84 security update

CentOS Errata and Security Advisory CESA-2011:0198 Updated postgresql84 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS ba...

Mandriva Update for ffmpeg MDVSA-2011:060 (ffmpeg)

Check for the Version of ffmpeg OpenVAS Vulnerability Test Mandriva Update for ffmpeg MDVSA-2011:060 ffmpeg Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

CVE-2011-1568

Format string vulnerability in the logText function in shmemmgr9.dll in IGSSdataServer.exe 9.00.00.11074, and 9.00.00.11063 and earlier, in 7-Technologies Interactive Graphical SCADA System IGSS allows remote attackers to cause a denial of service and possibly execute arbitrary code, as...

CVE-2011-0024

Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted capture file...

CVE-2011-0024

Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted capture file...

CVE-2010-4773

Unspecified vulnerability in Hitachi EUR Form Client before 05-10 -/D 2010.11.15 and 05-10-CA 2 2010.11.15; Hitachi EUR Form Service before 05-10 -/D 2010.11.15; and uCosminexus EUR Form Service before 07-60 -/D 2010.11.15 on Windows, before 05-10 -/D 2010.11.15 and 07-50 -/D 2010.11.15 on Linux,...

CVE-2011-0188

The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service applicati...

Memory corruption

QuickLook in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via an Excel spreadsheet with a crafted formula that uses unspecified opcodes...

CVE-2011-0331

Use-after-free vulnerability in the addOSPLext method in the Honeywell ScanServer ActiveX control 780.0.20.5 allows remote attackers to execute arbitrary code via a crafted HTML document...

Double free

Double free vulnerability in the prepareerroras function in doasreq.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 through 1.9, when the PKINIT feature is enabled, allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via an edat...

CVE-2011-0284

CVE-2011-0284 affects MIT Kerberos 5 (krb5) 1.7–1.9 with PKINIT enabled; a double-free in the KDC’s prepare_error_as path (do_as_req.c) enables a remote attacker to crash the daemon or potentially execute code via an e_data field containing typed data. Several advisories (MiracleLinux, Oracle Lin...

CVE-2011-1146

libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service host OS crash or possibly execute arbitrary code via a 1 virNodeDeviceDettach, 2 virNodeDeviceReset, 3 virDomainRevertToSnapsho...

Double free

Double free vulnerability in the iscsirxhandler function usr/iscsi/iscsid.c in the tgt daemon tgtd in Linux SCSI target framework tgt before 1.0.14, aka scsi-target-utils, allows remote attackers to cause a denial of service memory corruption and crash and possibly execute arbitrary code via...

Code injection

libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service host OS crash or possibly execute arbitrary code via a 1 virNodeDeviceDettach, 2 virNodeDeviceReset, 3 virDomainRevertToSnapsho...

CVE-2011-1146

libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service host OS crash or possibly execute arbitrary code via a 1 virNodeDeviceDettach, 2 virNodeDeviceReset, 3 virDomainRevertToSnapsho...