
3882 matches found

CVE
added 2013/09/30 4:0 p.m., 56 views

CVE-2013-5962

The CVE-2013-5962 entry relates to the WordPress plugin Complete Gallery Manager (before 3.3.4 rev40279). Affected component: frames/upload-images.php which permits an unrestricted file upload. Root cause: uploading a file with an executable extension allows remote attackers to access the uploade...

CVSS 5.1, AI score 8, EPSS 0.14771
Exploits: 1, References: 7, Affected Software: 1
Atlassian
added 2013/09/19 6:17 a.m., 17 views

Implement clickjacking protection on https://answers.atlassian.com/

We received an external security report from Monendra Sahu that https://answers.atlassian.com/ is vulnerable to clickjacking (http://en.wikipedia.org/wiki/Clickjacking). This can be fixed by sending an X-Frame-Options header with a value of SAMEORIGIN. This will prevent answers from being displayed ...

AI score 1.8
Exploits: 0, Affected Software: 1
RedHat Linux
added 2013/09/16 5:1 p.m., 2 views

Kernel: net: panic while pushing pending data out of a IPv6 socket with UDP_CORK enabled

The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option ...

CVSS 4.7, AI score 6.6, EPSS 0.0042
Exploits: 0, References: 4
Tenable Nessus
added 2013/08/14 12:0 a.m., 21 views

Cisco Intrusion Prevention System Jumbo Frame Denial of Service (cisco-sa-20080618-ips)

According to its self-reported version, the version of the Cisco Intrusion Prevention System Software running on the remote host may be vulnerable to a denial of service (DoS) attack caused by a kernel panic. This is due to the handling of jumbo Ethernet frames when gigabit network interfaces are...

CVSS 7.8, AI score 5.5, EPSS 0.01711
Exploits: 1, References: 2
Tenable Nessus
added 2013/08/08 12:0 a.m., 36 views

Firefox < 23.0 Multiple Vulnerabilities

The installed version of Firefox is earlier than 23.0 and is, therefore, potentially affected by the following vulnerabilities:
- Various errors exist that could allow memory corruption conditions. (CVE-2013-1701, CVE-2013-1702)
- Use-after-free errors exist related to DOM modification when using...

CVSS 10, AI score 6.9, EPSS 0.40381
Exploits: 15, References: 28
Tenable Nessus
added 2013/08/08 12:0 a.m., 41 views

Firefox ESR 17.x < 17.0.8 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox ESR 17.x is earlier than 17.0.8 and is, therefore, potentially affected by the following vulnerabilities:
- Various errors exist that could allow memory corruption conditions. (CVE-2013-1701)
- Unspecified errors exist related to HTML frames and history handling,...

CVSS 10, AI score 7, EPSS 0.40381
Exploits: 14, References: 12
Tenable Nessus
added 2013/08/08 12:0 a.m., 29 views

Firefox < 23.0 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox is earlier than 23.0 and is, therefore, potentially affected by multiple vulnerabilities:
- Various errors exist that could allow memory corruption conditions. (CVE-2013-1701, CVE-2013-1702)
- Use-after-free errors exist related to DOM modification when using...

CVSS 10, AI score 7, EPSS 0.40381
Exploits: 14, References: 21
NVD
added 2013/07/31 1:20 p.m., 15 views

CVE-2013-2881

Google Chrome before 28.0.1500.95 does not properly handle frames, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

CVSS 5.8, AI score 6.1, EPSS 0.01103
Exploits: 1, References: 5
Prion
added 2013/07/31 1:20 p.m., 15 views

Authentication flaw

Google Chrome before 28.0.1500.95 does not properly handle frames, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

CVSS 5.8, AI score 6.6, EPSS 0.01103
Exploits: 1, References: 5, Affected Software: 2
OSV
added 2013/07/29 1:59 p.m., 2 views

DEBIAN-CVE-2013-4162

The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option ...

CVSS 4.7, AI score 5.8, EPSS 0.0042
Exploits: 0, References: 1
NVD
added 2013/06/08 1:5 p.m., 17 views

CVE-2011-3593

A certain Red Hat patch to the vlan_hwaccel_do_receive function in net/8021q/vlan_core.c in the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 allows remote attackers to cause a denial of service (system crash) via priority-tagged VLAN frames...

CVSS 5.7, AI score 8.4, EPSS 0.01015
Exploits: 0, References: 4
Prion
added 2013/06/08 1:5 p.m., 16 views

Design/Logic Flaw

A certain Red Hat patch to the vlan_hwaccel_do_receive function in net/8021q/vlan_core.c in the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 allows remote attackers to cause a denial of service (system crash) via priority-tagged VLAN frames...

CVSS 5.7, AI score 6.8, EPSS 0.01015
Exploits: 0, References: 4, Affected Software: 2
Cvelist
added 2013/06/08 10:0 a.m., 18 views

CVE-2011-3593

A certain Red Hat patch to the vlan_hwaccel_do_receive function in net/8021q/vlan_core.c in the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 allows remote attackers to cause a denial of service (system crash) via priority-tagged VLAN frames...

AI score 7.8, EPSS 0.01015
Exploits: 0, References: 4
RedHat Linux
added 2013/04/24 5:54 p.m., 2 views

OpenJDK: Hotspot intrinsic frames vulnerability (Hotspot, 8004336)

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the...

CVSS 10, AI score 6.7, EPSS 0.07192
Exploits: 0, References: 4
NVD
added 2013/04/17 6:55 p.m., 15 views

CVE-2013-2431

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the...

CVSS 10, AI score 7.9, EPSS 0.07192
Exploits: 0, References: 19
RedHat Linux
added 2013/04/17 6:37 p.m., 4 views

OpenJDK: Hotspot intrinsic frames vulnerability (Hotspot, 8004336)

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the...

CVSS 10, AI score 6.7, EPSS 0.07192
Exploits: 0, References: 4
OpenVAS
added 2013/03/08 12:0 a.m., 19 views

CentOS Update for xen CESA-2013:0599 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVSS 9.3, AI score 8, EPSS 0.04904
Exploits: 0, References: 2
OpenVAS
added 2013/03/08 12:0 a.m., 14 views

RedHat Update for qemu-kvm RHSA-2013:0609-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVSS 9.3, AI score 6.8, EPSS 0.04904
Exploits: 0, References: 2
OpenVAS
added 2013/03/08 12:0 a.m., 29 views

RedHat Update for xen RHSA-2013:0599-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVSS 9.3, AI score 6.8, EPSS 0.04904
Exploits: 0, References: 2
OpenVAS
added 2013/03/08 12:0 a.m., 19 views

RedHat Update for qemu-kvm RHSA-2013:0609-01

Check for the Version of qemu-kvm OpenVAS Vulnerability Test RedHat Update for qemu-kvm RHSA-2013:0609-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CVSS 9.3, AI score 9.4, EPSS 0.04904
Exploits: 0, References: 2