SUSE-SU-2016:0715-1 Security update for flash-player

Adobe flash-player was updated to 11.2.202.577 to fix the following list of security issues bsc970547: These updates resolve integer overflow vulnerabilities that could lead to code execution CVE-2016-0963, CVE-2016-0993, CVE-2016-1010. These updates resolve use-after-free vulnerabilities that...

VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0016) (remote check)

The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several components and third-party libraries : - bind - expat - nspr and nss - python - vSphere API %NASLMINLEVEL 7030...

flash-plugin: multiple code execution issues fixed in APSB16-01

Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary cod...

openSUSE Security Update : xen (openSUSE-2015-729)

xen was updated to fix 13 security issues. These security issues were fixed : - CVE-2015-7972: Populate-on-demand balloon size inaccuracy can crash guests bsc951845. - CVE-2015-7969: Leak of main per-domain vcpu pointer array DoS bsc950703. - CVE-2015-7969: Leak of per-domain profiling-related vc...

SUSE-SU-2015:1740-1 Security update for flash-player

flash-player was updated to version 11.2.202.535 to fix 13 security issues bsc950169. These security issues were fixed: - A vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure CVE-2015-7628. - A defense-in-depth feature in the Flash broker API...

Multiple Remote Code Execution Vulnerabilities in PHP

PHP is a widely used general-purpose scripting language that is particularly well suited for web development and can be embedded in HTML. PHP has multiple remote code execution vulnerabilities in the unserialize function, which can be exploited by an attacker to execute arbitrary code...

SUSE-SU-2015:0491-1 Security update for flash-player

Adobe Flash Player was updated to 11.2.202.451 bsc922033. These security issues were fixed: - Memory corruption vulnerabilities that could lead to code execution CVE-2015-0332, CVE-2015-0333, CVE-2015-0335, CVE-2015-0339. - Type confusion vulnerabilities that could lead to code execution...

HP OPOS CCO Drivers RCE Vulnerabilities

The HP OLE Point of Sale OPOS Common Control Objects CCO drivers installed on the remote host are prior to version 1.13.003. They are, therefore, potentially affected by unspecified vulnerabilities in the following ActiveX controls : - OPOSCashDrawer.ocx - OPOSCheckScanner.ocx - OPOSLineDisplay.o...

U-Mail Mail Service system arbitrary file upload+execution vulnerabilities runtime defects and authentication bypass）-bug warning-the black bar safety net

Brief description: PRODUCT DESCRIPTIONtaken from website U-Mail focus on email field 1 to 5 years, for enterprises to easily build the most secure and stable e-mail system software. Keywords: 1 5 years the safest most stable 1 5 year the safest and most stable , woxaole,so wonderful code, so...

CVE-2014-0479

reportbug before 6.4.4+deb7u1 and 6.5.x before 6.5.0+nmu1 allows remote attackers to execute arbitrary commands via vectors related to compareversions and reportbug/checkversions.py...

Distributed Ruby Send instance_eval/syscall Code Execution

No description provided by source. $Id: drbremotecodeexec.rb 12161 2011-03-27 20:00:06Z egypt $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms ...

RealNetworks RealPlayer Code Execution Vulnerabilities - Dec12 (Windows)

This host is installed with RealPlayer which is prone to multiple code execution vulnerabilities. OpenVAS Vulnerability Test $Id: gbrealplayercodeexecvulndec12win.nasl 5988 2017-04-20 09:02:29Z teissa $ RealNetworks RealPlayer Code Execution Vulnerabilities - Dec12 Windows Authors: Rachana Shetty...

Multiple Command Execution Vulnerabilities in Smartphone Pentest Framework

Advisory ID: HTB23127 Product: Smartphone Pentest Framework SPF Vendor: Bulb Security LLC Vulnerable Versions: 0.1.3, 0.1.4 and probably prior Tested Versions: 0.1.3, 0.1.4 Vendor Notification: November 19, 2012 Public Disclosure: December 10, 2012 Vulnerability Type: OS Command Injection CWE-78...

First Windows 8 and Windows RT Security Updates Due Next Week

Plenty is happening on the Microsoft patch management front. First, Adobe agreed to sync up its patch release cycles with Microsoft’s on the second Tuesday of every month, moving away from quarterly releases. And now on Tuesday, Microsoft will release its first security updates since the release ...

Blueberry FlashBack SDK 'BB FlashBack Recorder.dll' Remote Code Execution

The remote host has a vulnerable version of the Blueberry 'BB FlashBack Recorder.dll' control installed. This control is affected by multiple unspecified remote code execution vulnerabilities related the 'FBRecorder' class and the 'Start', 'PauseAndSave', 'InsertMarker', 'InsertSoundToFBRAtMarker...

openSUSE Security Update : MozillaFirefox (MozillaFirefox-3422)

This update brings Mozilla Firefox to version 3.6.12, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-64: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of...

Microsoft warning to XP users: Update Flash Player Now

Microsoft has shipped a security advisory with an urgent message for Windows XP users: Update your Flash Player immediately. The Adobe Flash Player 6 that ships by default in Windows XP is vulnerable to multiple code execution vulnerabilities that could lead to PC takeover attacks, according to t...

SuSE 11 Security Update : acroread_ja (SAT Patch Number 1170)

This update of acroread fixes the following vulnerabilities : - stack overflow that could lead to code execution. CVE-2009-1855 - integer overflow with potential to lead to arbitrary code execution. CVE-2009-1856 - memory corruption with potential to lead to arbitrary code execution. CVE-2009-185...

CVE-2006-4192

Multiple buffer overflows in MODPlug Tracker OpenMPT 1.17.02.43 and earlier and libmodplug 0.8 and earlier, as used in GStreamer and possibly other products, allow user-assisted remote attackers to execute arbitrary code via 1 long strings in ITP files used by the CSoundFile::ReadITProject functi...

MySQL 4.x - CREATE FUNCTION Arbitrary libc Code Execution

MySQL 4.x - CREATE FUNCTION Arbitrary libc Code Execution source: https://www.securityfocus.com/bid/12781/info MySQL is reported prone to multiple vulnerabilities that can be exploited by a remote authenticated attacker. The following individual issues are reported: - Insecure temporary...