
9137 matches found

Prion
added 2013/11/13 3:55 p.m. | 24 views

Session fixation

net/socket/sslclientsocketnss.cc in the TLS implementation in Google Chrome before 31.0.1650.48 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which might allow remote web servers to interfere with trust relationships by...

CVSS 4.3 | AI score 6.5 | EPSS 0.01017
Exploits: 0 | References: 10 | Affected Software: 1
Cvelist
added 2013/11/13 3:0 p.m. | 20 views

CVE-2013-6628

net/socket/sslclientsocketnss.cc in the TLS implementation in Google Chrome before 31.0.1650.48 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which might allow remote web servers to interfere with trust relationships by...

AI score 5.8 | EPSS 0.01017
Exploits: 0 | References: 10
OpenVAS
added 2013/11/13 12:0 a.m. | 24 views

Debian Security Advisory DSA 2797-1 (icedove - several vulnerabilities)

Multiple security issues have been found in Icedove, Debian OpenVAS Vulnerability Test $Id: deb2797.nasl 14276 2019-03-18 14:43:56Z cfischer $ Auto-generated from advisory DSA 2797-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2013 Greenbone Networks Gmb...

CVSS 10 | AI score 9.6 | EPSS 0.06493
Exploits: 0 | References: 1
Tenable Nessus
added 2013/11/13 12:0 a.m. | 121 views

ESXi 5.0 < Build 912577 Multiple Vulnerabilities (remote check)

The remote VMware ESXi 5.0 host is affected by Multiple Vulnerabilities : - An integer overflow condition exists in the tzfileread function in the glibc library. An unauthenticated, remote attacker can exploit this, via a crafted timezone TZ file, to cause a denial of service or the execution of...

CVSS 9.3 | AI score 9.1 | EPSS 0.17687
Exploits: 13 | References: 28
OpenVAS
added 2013/11/07 12:0 a.m. | 72 views

Mozilla Thunderbird Multiple Vulnerabilities-01 (Nov 2013) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

CVSS 10 | AI score 7.5 | EPSS 0.06493
Exploits: 0 | References: 14
Tenable Nessus
added 2013/11/06 12:0 a.m. | 60 views

RHEL 6 : java-1.6.0-openjdk (RHSA-2013:1505)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:1505 advisory. The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Multiple inp...

CVSS 10 | AI score 7.5 | EPSS 0.24738
Exploits: 0 | References: 54
Tenable Nessus
added 2013/11/06 12:0 a.m. | 54 views

Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x i386/x86_64 (20131105)

Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual Machine...

CVSS 10 | AI score 8 | EPSS 0.24738
Exploits: 0 | References: 27
RedHat Linux
added 2013/11/05 5:58 p.m. | 66 views

Important: Red Hat Security Advisory: java-1.6.0-openjdk security update

Updated java-1.6.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

CVSS 10 | AI score 6.9 | EPSS 0.24738
Exploits: 0 | References: 27
Amazon
added 2013/11/05 12:0 a.m. | 46 views

Important: java-1.6.0-openjdk

Issue Overview: Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual...

CVSS 10 | AI score 9 | EPSS 0.24738
Exploits: 0 | References: 1
Fedora
added 2013/11/02 4:52 a.m. | 34 views

[SECURITY] Fedora 19 Update: community-mysql-5.5.34-1.fc19

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

CVSS 4.9 | AI score 2.7 | EPSS 0.0309
Exploits: 0
NVD
added 2013/10/30 10:55 a.m. | 19 views

CVE-2013-5602

The Worker::SetEventListener function in the Web workers implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code o...

CVSS 10 | AI score 7.6 | EPSS 0.05166
Exploits: 0 | References: 11
Prion
added 2013/10/30 10:55 a.m. | 29 views

Race condition

The cycle collection CC implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial ...

CVSS 6.8 | AI score 8 | EPSS 0.03144
Exploits: 0 | References: 6 | Affected Software: 5
OpenVAS
added 2013/10/29 12:0 a.m. | 27 views

Fedora Update for gnutls FEDORA-2013-20052

Check for the Version of gnutls OpenVAS Vulnerability Test Fedora Update for gnutls FEDORA-2013-20052 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

CVSS 5 | AI score 6.4 | EPSS 0.01978
Exploits: 0 | References: 2
Check Point Advisories
added 2013/10/27 12:0 a.m. | 1 views

MIT Kerberos V5 KDC TCP Handling Denial of Service (CVE-2005-1174)

There exists a heap corruption vulnerability in the MIT Kerberos V5 Key Distribution Center KDC implementation...

AI score 6.6 | EPSS 0.05221
Exploits: 0
Tenable Nessus
added 2013/10/27 12:0 a.m. | 41 views

Debian DSA-2785-1 : chromium-browser - several vulnerabilities

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2013-2906 Atte Kettunen of OUSPG discovered race conditions in Web Audio. - CVE-2013-2907 Boris Zbarsky discovered an out-of-bounds read in window.prototype. - CVE-2013-2908 Chamal de Silva discovered an address bar...

CVSS 7.5 | AI score 8.5 | EPSS 0.02531
Exploits: 1 | References: 46
OpenVAS
added 2013/10/26 12:0 a.m. | 41 views

Debian Security Advisory DSA 2785-1 (chromium-browser - several vulnerabilities)

Several vulnerabilities have been discovered in the chromium web browser. CVE-2013-2906 Atte Kettunen of OUSPG discovered race conditions in Web Audio. CVE-2013-2907 Boris Zbarsky discovered an out-of-bounds read in window.prototype. CVE-2013-2908 Chamal de Silva discovered an address bar spoofin...

CVSS 7.5 | AI score 0.5 | EPSS 0.02531
Exploits: 1 | References: 1
Prion
added 2013/10/24 3:48 a.m. | 16 views

Information disclosure

The syslog implementation in Apple Mac OS X before 10.9 allows local users to obtain sensitive information by leveraging access to the Guest account and reading console-log messages from previous Guest sessions...

CVSS 2.1 | AI score 5.6 | EPSS 0.00341
Exploits: 0 | References: 1 | Affected Software: 1
RedHat Linux
added 2013/10/23 4:26 p.m. | 3 views

OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX...

CVSS 5 | AI score 7.4 | EPSS 0.03413
Exploits: 0 | References: 5
Amazon
added 2013/10/23 12:0 a.m. | 258 views

Critical: java-1.7.0-openjdk

Issue Overview: Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual...

CVSS 10 | AI score 9 | EPSS 0.24738
Exploits: 0 | References: 1
Tenable Nessus
added 2013/10/23 12:0 a.m. | 43 views

RHEL 6 : java-1.7.0-openjdk (RHSA-2013:1451)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:1451 advisory. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple inp...

CVSS 10 | AI score 7.5 | EPSS 0.24738
Exploits: 0 | References: 61