CVE-2011-3110

The PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations...

CVE-2011-3113

CVE-2011-3113 affects Google Chrome’s PDF handling. The issue is an invalid cast during colorspace processing, triggered by a crafted PDF, which can cause a denial of service and possibly other impact. Affected software is Chrome prior to 19.0.1084.52. Connected sources corroborate the CVE entry ...

CVE-2011-3112

CVE-2011-3112 is a use-after-free vulnerability in Google Chrome’s PDF functionality. The flaw allows remote attackers to cause a denial of service or possibly other impact via an invalid encrypted PDF document. The affected component is Chrome’s PDF handling code; the vulnerability is associated...

Ubuntu Update for libxml2 USN-1447-1

Ubuntu Update for Linux kernel vulnerabilities USN-1447-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN14471.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for libxml2 USN-1447-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5927)

The SUSE Linux Enterprise 10 Service Pack 2 kernel was updated to fix some security issues and various bugs. The following security problems have been fixed : - net/atm/svc.c in the ATM subsystem allowed local users to cause a denial of service kernel infinite loop by making two calls to svcliste...

SuSE 10 Security Update : the Linux Kernel (x86_64) (ZYPP Patch Number 6730)

This update fixes a several security issues and various bugs in the SUSE Linux Enterprise 10 SP 2 kernel. The following security issues were fixed: CVE-2009-3939: A sysctl variable of the megaraidsas driver was worldwriteable, allowing local users to cause a denial of service or potential code...

CVE-2011-3097

The PDF functionality in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an out-of-bounds write error in the implementation of sampled functions...

Design/Logic Flaw

Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a malformed name for the font encoding...

Design/Logic Flaw

The PDF functionality in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an out-of-bounds write error in the implementation of sampled functions...

Netgear WNDRMAC 1.0.0.22 Information Disclosure

Sense of Security - Security Advisory - SOS-12-005 Release Date. 13-May-2012 Last Update. - Vendor Notification Date. 06-Mar-2012 Product. NETGEAR WNDRMAC Platform. Hardware Affected versions. 1.0.0.22 and below Severity Rating. High Impact. Exposure of sensitive information Attack Vector. From...

Fedora 17 : puppet-2.7.13-1.fc17 (2012-6674)

With Fedora 17 using ruby-1.9.3, an update to puppet-2.7, which has improved support for ruby-1.9, is required. Note that ruby-1.9 is not fully supported in the puppet-2.7 series. Where possible, patches from the next upstream release branch will be backported to improve ruby-1.9 compatibility...

CVE-2011-3620

Apache Qpid 0.12 does not properly verify credentials during the joining of a cluster, which allows remote attackers to obtain access to the messaging functionality and job functionality of a cluster by leveraging knowledge of a cluster-username...

CVE-2011-3620

Apache Qpid 0.12 does not properly verify credentials during the joining of a cluster, which allows remote attackers to obtain access to the messaging functionality and job functionality of a cluster by leveraging knowledge of a cluster-username...

Design/Logic Flaw

Apache Qpid 0.12 does not properly verify credentials during the joining of a cluster, which allows remote attackers to obtain access to the messaging functionality and job functionality of a cluster by leveraging knowledge of a cluster-username...

CVE-2011-3620

Apache Qpid 0.12 does not properly verify credentials during the joining of a cluster, which allows remote attackers to obtain access to the messaging functionality and job functionality of a cluster by leveraging knowledge of a cluster-username...

CVE-2011-3620

CVE-2011-3620 affects Apache Qpid prior to fixed releases; a flaw in the cluster-join credential verification allows remote attackers who know a valid cluster-username to obtain access to messaging and job functionality. Red Hat advisories (RHSA-2012:0528/0529) state the fix changes to the cluste...

CVE-2012-1190

Cross-site scripting XSS vulnerability in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted database name...

Fedora 15 : puppet-2.6.16-1.fc15 (2012-6055)

This update fixes several security issues recently found in puppet related to filebucket functionality. For full details, refer to the upstream release notes : http://projects.puppetlabs.com/projects/1/wiki/ReleaseNotes2.6.15 Note that Tenable Network Security has extracted the preceding...

Fedora 16 : puppet-2.6.16-1.fc16 (2012-5999)

This update fixes several security issues recently found in puppet related to filebucket functionality. For full details, refer to the upstream release notes : http://projects.puppetlabs.com/projects/1/wiki/ReleaseNotes2.6.15 Note that Tenable Network Security has extracted the preceding...

Car Portal CMS 3.0 CSRF / XSS / Shell Upload

Title: ====== Car Portal CMS v3.0 - Multiple Web Vulnerabilities Date: ===== 2012-04-24 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=502 VL-ID: ===== 502 Introduction: ============= Car Portal is a php software product for running auto classifieds websites. It provid...