Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x i386/x86_64 (20120221)
These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. It was discovered that Java2D did not properly check graphics rendering objects before passing them to the native renderer. Malicious input, or an untrusted Java application or applet could u...
[SECURITY] Fedora 16 Update: nsd-3.2.12-1.fc16
NSD is a complete implementation of an authoritative DNS name server. For further information about what NSD is and what NSD is not please consult the REQUIREMENTS document which is a part of this distribution thanks to Olaf...
CentOS Update for kernel CESA-2011:1386 centos5 x86_64
Check for the Version of kernel OpenVAS Vulnerability Test CentOS Update for kernel CESA-2011:1386 centos5 x86_64 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
CentOS Update for thunderbird CESA-2012:0715 centos5
Check for the Version of thunderbird OpenVAS Vulnerability Test CentOS Update for thunderbird CESA-2012:0715 centos5 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...
ISC bind DoS
Crash because of incorrect failed requests cache implementation...
SSL Certificate Chain Contains Weak RSA Keys
At least one of the X.509 certificates sent by the remote host has a key that is shorter than 1024 bits. Such keys are considered weak due to advances in available computing power decreasing the time required to factor cryptographic keys. Some SSL implementations, notably Microsoft's, may conside...
Mozilla Firefox Multiple Vulnerabilities - July12 (Windows)
This host is installed with Mozilla Firefox and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillafirefoxmultvulnjul12win.nasl 6018 2017-04-24 09:02:24Z teissa $ Mozilla Firefox Multiple Vulnerabilities - July12 Windows Authors: Rachana Shetty Copyright: Copyright (c)...
Mozilla Firefox Multiple Vulnerabilities (Jul 2012) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Cross site scripting
Cross-site scripting (XSS) vulnerability in blog/lib.php in the blog implementation in Moodle 1.9.x before 1.9.18, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via a crafted parameter to blog/index.php...
CVE-2012-2362
Cross-site scripting (XSS) vulnerability in blog/lib.php in the blog implementation in Moodle 1.9.x before 1.9.18, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via a crafted parameter to blog/index.php...
CVE-2012-2362
Moodle 1.9.x is affected by CVE-2012-2362: an XSS in blog/lib.php is exploitable via a crafted parameter to blog/index.php when using Internet Explorer, affecting versions before 1.9.18. The issue allows remote injection of arbitrary script/HTML. Connected sources confirm the vulnerability detail...
SeaMonkey < 2.11.0 Multiple Vulnerabilities
The installed version of SeaMonkey is earlier than 2.11.0. Such versions are potentially affected by the following security issues : - Several memory safety issues exist, some of which could potentially allow arbitrary code execution. CVE-2012-1948, CVE-2012-1949 - Several memory safety issues...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix one security issue and multiple bugs are now available for Red Hat Enterprise Linux 5.6 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score,...
Content Security Policy 1.0 implementation errors cause data leakage — Mozilla
Security researcher Karthikeyan Bhargavan of Prosecco at INRIA reported Content Security Policy (CSP) 1.0 implementation errors. CSP violation reports generated by Firefox and sent to the "report-uri" location include sensitive data within the "blocked-uri" parameter. These include fragment...
Design/Logic Flaw
The theme implementation in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 triggers duplicate caching of Cascading Style Sheets (CSS) and JavaScript content, which allows remote attackers to bypass intended access restrictions and write to an operating-system temporary directory via unspecified...
CVE-2011-4293
The Moodle vulnerability CVE-2011-4293 affects Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1, where the theme implementation triggers duplicate caching of CSS and JavaScript content. This duplication can bypass access restrictions and allow writing to the operating system's temporary directory via unspecif...
security advisory: AirDroid 1.0.4 beta
Dear Sir or Madam, we'd like to publish the following advisory. Thanks in advance. TC-SA-2012-02: Several weaknesses in implementation of security features in AirDroid 1.0.4 beta Published: 2012/07/12 Advisory-Version: 1.0 Affected products: AirDroid 1.0.4 beta References: TC-SA-2012-02...
CVE-2012-3073
The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to cause a denial of service (networking outage or process crash) via (1) malformed IP packets, (2) a high...
Code injection
The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to cause a denial of service (networking outage or process crash) via (1) malformed IP packets, (2) a high...
CVE-2012-3073
The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to cause a denial of service (networking outage or process crash) via (1) malformed IP packets, (2) a high...