
9137 matches found

RedHat Linux
added 2013/10/22 5:13 p.m., 48 views

Critical: Red Hat Security Advisory: java-1.7.0-openjdk security update

Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...

CVSS 10, AI score 6.9, EPSS 0.24738
Exploits 0, References 30

Tenable Nessus
added 2013/10/22 12:0 a.m., 42 views

RHEL 5 : java-1.7.0-openjdk (RHSA-2013:1447)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:1447 advisory. These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple input checking flaws were...

CVSS 10, AI score 7.5, EPSS 0.24738
Exploits 0, References 60

Tenable Nessus
added 2013/10/22 12:0 a.m., 32 views

Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64 (20131021)

Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual Machine...

CVSS 10, AI score 8, EPSS 0.24738
Exploits 0, References 30

RedHat Linux
added 2013/10/21 5:37 p.m., 56 views

Important: Red Hat Security Advisory: java-1.7.0-openjdk security update

Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...

CVSS 10, AI score 6.9, EPSS 0.24738
Exploits 0, References 30

Prion
added 2013/10/11 10:55 p.m., 25 views

Design/Logic Flaw

Use-after-free vulnerability in the virtio-pci implementation in Qemu 1.4.0 through 1.6.0 allows local users to cause a denial of service (daemon crash) by "hot-unplugging" a virtio device...

CVSS 2.3, AI score 6.5, EPSS 0.0046
Exploits 0, References 5, Affected Software 1

ThreatPost
added 2013/10/10 3:17 p.m., 12 views

WhatsApp Crypto Implementation Vulnerability Discovered

WhatsApp, a popular mobile message application, suffers from a crypto implementation vulnerability that leaves messages exposed. Thijs Alkemade, a computer science student at Utrecht University in The Netherlands who works on the open source Adium instant messaging project, disclosed a serious issu...

AI score 7.1
Exploits 0, References 1

Xen Project
added 2013/10/10 12:0 p.m., 57 views

use-after-free in libxl_list_cpupool under memory pressure

ISSUE DESCRIPTION: If realloc(3) fails then libxl_list_cpupool will incorrectly return the now-free original pointer. IMPACT: An attacker may be able to cause a multithreaded toolstack using this function to race against itself leading to heap corruption and a potential DoS. Depending on the malloc...

CVSS 4.4, AI score 1.5, EPSS 0.00402
Exploits 0

Tenable Nessus
added 2013/10/07 12:0 a.m., 36 views

Cisco IOS XE Software Multicast Network Time Protocol Denial of Service Vulnerability (cisco-sa-20130925-ntp)

A vulnerability in the implementation of the Network Time Protocol (NTP) feature in Cisco IOS XE Software allows an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of multicast NTP...

CVSS 7.1, AI score 5.5, EPSS 0.01748
Exploits 0, References 2

Cvelist
added 2013/10/05 10:0 a.m., 24 views

CVE-2012-4098

The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote attackers to cause a denial of service (BGP service reset and resync) via a malformed UPDATE message, aka Bug ID CSCtn13055...

AI score 6.6, EPSS 0.02398
Exploits 0, References 3

UbuntuCve
added 2013/10/04 5:55 p.m., 31 views

CVE-2013-5915

The RSA-CRT implementation in PolarSSL before 1.2.9 does not properly perform Montgomery multiplication, which might allow remote attackers to conduct a timing side-channel attack and retrieve RSA private keys...

CVSS 4.3, AI score 5.9, EPSS 0.02143
Exploits 0, References 4

NVD
added 2013/10/02 10:35 a.m., 13 views

CVE-2013-2918

Use-after-free vulnerability in the RenderBlock::collapseAnonymousBlockChild function in core/rendering/RenderBlock.cpp in the DOM implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact ...

CVSS 7.5, AI score 7, EPSS 0.0145
Exploits 0, References 8

UbuntuCve
added 2013/10/02 10:35 a.m., 18 views

CVE-2013-2907

The Window.prototype object implementation in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors...

CVSS 5, AI score 7.2, EPSS 0.01428
Exploits 0, References 3

Prion
added 2013/10/02 10:35 a.m., 18 views

Out-of-bounds

The ReverbConvolverStage::ReverbConvolverStage function in core/platform/audio/ReverbConvolverStage.cpp in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the...

CVSS 5, AI score 6.6, EPSS 0.01461
Exploits 0, References 8, Affected Software 1

UbuntuCve
added 2013/10/02 10:35 a.m., 23 views

CVE-2013-2918

Use-after-free vulnerability in the RenderBlock::collapseAnonymousBlockChild function in core/rendering/RenderBlock.cpp in the DOM implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact ...

CVSS 7.5, AI score 7.3, EPSS 0.0145
Exploits 0, References 4

Debian CVE
added 2013/10/02 10:0 a.m., 24 views

CVE-2013-2918

Removed by vendor...

CVSS 7.5, AI score 9.4, EPSS 0.0145
Exploits 0

Debian CVE
added 2013/10/02 10:0 a.m., 18 views

CVE-2013-2906

Removed by vendor...

CVSS 6.8, AI score 9.4, EPSS 0.01229
Exploits 0

Tenable Nessus
added 2013/10/02 12:0 a.m., 30 views

FreeBSD : polarssl -- Timing attack against protected RSA-CRT implementation (ccefac3e-2aed-11e3-af10-000c29789cb5)

PolarSSL Project reports : The researchers Cyril Arnaud and Pierre-Alain Fouque investigated the PolarSSL RSA implementation and discovered a bias in the implementation of the Montgomery multiplication that we used. For which they then show that it can be used to mount an attack on the RSA key...

CVSS 4.3, AI score 5.5, EPSS 0.02143
Exploits 0, References 4

FreeBSD
added 2013/10/01 12:0 a.m., 32 views

polarssl -- Timing attack against protected RSA-CRT implementation

PolarSSL Project reports: The researchers Cyril Arnaud and Pierre-Alain Fouque investigated the PolarSSL RSA implementation and discovered a bias in the implementation of the Montgomery multiplication that we used. For which they then show that it can be used to mount an attack on the RSA key...

CVSS 4.3, AI score 5.9, EPSS 0.02143
Exploits 0, References 2

Tenable Nessus
added 2013/09/30 12:0 a.m., 40 views

Debian DSA-2766-1 : linux-2.6 - privilege escalation/denial of service/information leak

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-2141 Emese Revfy provided a fix for an information leak ...

CVSS 6.9, AI score 7.2, EPSS 0.04707
Exploits 7, References 24

Prion
added 2013/09/27 10:8 a.m., 18 views

Code injection

The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.1, and IOS XE 2.1 through 3.3, does not properly handle encapsulation of multicast NTP packets within MSDP SA messages, which allows remote attackers to cause a denial of service (device reload) by leveraging an MSDP peer...

CVSS 7.1, AI score 7.1, EPSS 0.01748
Exploits 0, References 1, Affected Software 2