9091 matches found
Integer overflow
Integer overflow in the U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a malformed PDF document...
CVE-2009-3953
CVE-2009-3953 affects Adobe Reader/Acrobat U3D handling in PDFs. The vulnerability arises from a CLODProgressiveMeshDeclaration array boundary issue in the U3D implementation, allowing remote code execution when processing malformed U3D data. Affected product versions include Acrobat/Reader 9.x p...
CVE-2009-3953
The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration "array boundary issue," a differe...
CVE-2009-3953
The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration “array boundary issue,” a differe...
Four Questions for Bruce Schneier on the GSM Cipher Crack
Math is hard and cryptography is even harder. So in light of the news that another of the ciphers used to secure traffic on 3G GSM networks has been cracked, we turned to mathematician and cryptographer Bruce Schneier to explain the attack and its ramifications. So here are Schneier’s answer to a...
Multiple D-Link Routers Authentication Bypass Vulnerability
Exploit for unknown platform in category web applications =========================================================== Multiple D-Link Routers Authentication Bypass Vulnerability =========================================================== Multiple D-ÂLink routers suffer from insecure...
MacOS X 10.5/10.6 libc/strtod(3) buffer overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MacOS X 10.5/10.6 libc/strtod3 buffer overflow Author: Maksymilian Arciemowicz and sp3x http://SecurityReason.com Date: - - Dis.: 07.05.2009 - - Pub.: 08.01.2010 CVE: CVE-2009-0689 CWE: CWE-119 Risk: High Remote: Yes Affected Software: - - MacOS 10.6...
CentOS 5 : java-1.6.0-openjdk (CESA-2009:1201)
Updated java-1.6.0-openjdk packages that fix several security issues and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. These packages provide the OpenJDK 6 Java Runtime Environment and...
Ubuntu USN-874-1 (xulrunner-1.9.1)
The remote host is missing an update to xulrunner-1.9.1 announced via advisory USN-874-1. OpenVAS Vulnerability Test $Id: ubuntu8741.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu8741.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-874-1 xulrunner-1.9.1...
Debian Security Advisory DSA 1956-1 (xulrunner)
The remote host is missing an update to xulrunner announced via advisory DSA 1956-1. OpenVAS Vulnerability Test $Id: deb19561.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1956-1 xulrunner Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
[SECURITY] [DSA 1963-1] New unbound packages fix DNSSEC validation
------------------------------------------------------------------------ Debian Security Advisory DSA-1963-1 [email protected] http://www.debian.org/security/ Florian Weimer December 23, 2009 http://www.debian.org/security/faq -...
Ubuntu 8.04 LTS / 8.10 / 9.04 : firefox-3.0, xulrunner-1.9 vulnerabilities (USN-873-1)
Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary...
Ubuntu 9.10 : firefox-3.5, xulrunner-1.9.1 vulnerabilities (USN-874-1)
Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary...
USN-874-1: Firefox 3.5 and Xulrunner 1.9.1 vulnerabilities
Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 5.2 Extended Update Support. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the...
NTLM reflection vulnerability — Mozilla
Security researcher Takehiro Takahashi of the IBM X-Force reported that Mozilla's NTLM implementation was vulnerable to reflection attacks in which NTLM credentials from one application could be forwarded to another arbitrary application via the browser. If an attacker could get a user to visit a...
How to use the database to crack the md5-vulnerability warning-the black bar safety net
Why password the number of bits short of MD5 unsafe? A length of 4 pure lowercase letters to generate passwords in the database with the help of Can in 0. 005s is cracked. This time also includes a connection to the database the time, the running environment is in my 900MHZ personal PC. Note that...
ISC BIND 9 DNSSEC查询响应远程缓存中毒漏洞
BUGTRAQ ID: 37118 CVECAN ID: CVE-2009-4022 BIND是一个应用非常广泛的DNS协议的实现,由ISC负责维护,具体的开发由Nominum公司完成。 启用了DNSSEC验证的名称服务器在解析递归客户端查询期间可能错误的从所接收到响应的附加部分向其缓存添加记录,这是一种缓存中毒的情况。...
Sun Java SE Multiple Vulnerabilities - Nov09 (Windows)
This host is installed with Sun Java SE and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodsunjavasemultvulnnov09win.nasl 7699 2017-11-08 12:10:34Z santu $ Sun Java SE Multiple Vulnerabilities - Nov09 Windows Authors: Nikita MR Copyright: Copyright c 2009 SecPod,...
Sun Java SE Multiple Vulnerabilities (Nov 2009) - Windows
Sun Java SE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...