CVE-2012-2486

CVE-2012-2486 affects Cisco TelePresence products via a vulnerability in the Cisco Discovery Protocol (CDP) implementation that allows remote code execution when a malformed CDP packet is sent by an adjacent attacker. Affected are Cisco TelePresence Multipoint Switch (before 1.9.0), TelePresence ...

NO BOOT FOR YOU ! Will Windows 8 Kill Live CDs and USBs?

In January 2012, Microsoft confirmed to PC manufacturers that they must enable Secure Boot by default on PCs to be "Certified for Windows 8". The purpose of Secure Boot is to put an end to computer viruses that sneak between the hardware and the operating system. These viruses, also known as...

RedHat Update for kernel RHSA-2011:1350-01

Check for the Version of kernel OpenVAS Vulnerability Test RedHat Update for kernel RHSA-2011:1350-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

RedHat Update for kernel RHSA-2011:1189-01

Check for the Version of kernel OpenVAS Vulnerability Test RedHat Update for kernel RHSA-2011:1189-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

RedHat Update for kernel RHSA-2011:1189-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RedHat Update for java-1.6.0-openjdk RHSA-2012:0135-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Debian DSA-2507-1 : openjdk-6 - several vulnerabilities

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform. - CVE-2012-1711 CVE-2012-1719 Multiple errors in the CORBA implementation could lead to breakouts of the Java sandbox. - CVE-2012-1713 Missing input sanitising in the font manager could lead to...

SuSE 10 Security Update : GnuTLS (ZYPP Patch Number 8066)

This update of GnuTLS fixes multiple vulnerabilities : - remote attackers could cause a denial of service heap memory corruption and application crash via an issue in the asn1getlengthder function. CVE-2012-1569 - crafted GenericBlockCipher structures allow remote attackers to cause a denial of...

Fedora 16 : maniadrive-1.2-32.fc16.6 / php-5.3.14-1.fc16 / php-eaccelerator-0.9.6.1-9.fc16.6 (2012-9762)

The PHP development team would like to announce the immediate availability of PHP 5.3.14. All users of PHP are encouraged to upgrade to PHP 5.3.14. The release fixes multiple security issues: A weakness in the DES implementation of crypt and a heap overflow issue in the phar extension. PHP 5.3.14...

Fedora 17 : maniadrive-1.2-41.fc17 / php-5.4.4-1.fc17 (2012-9490)

The PHP development team would like to announce the immediate availability of PHP 5.4.4. All users of PHP are encouraged to upgrade to PHP 5.4.4. The release fixes multiple security issues: A weakness in the DES implementation of crypt and a heap overflow issue in the phar extension. PHP 5.4.4...

Padding Oracle Crypto Research Prompts Confusion, Dissenting Opinions on Severity

Few things tend to spark debates and controversy in the security community like a new piece of cryptographic research. The paper by a group of academic researchers on an improvement to a padding oracle attack on certain hardware security tokens publicized this week is no different, with RSA...

CVE-2012-2825

The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service incorrect read operation via unspecified vectors...

DEBIAN-CVE-2012-2825

The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service incorrect read operation via unspecified vectors...

Denial of service

The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service incorrect read operation via unspecified vectors...

CVE-2012-2825

The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service incorrect read operation via unspecified vectors...

CVE-2012-2825

The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service incorrect read operation via unspecified vectors...

CVE-2012-2825

CVE-2012-2825 is tied to the libxslt XSLT library, where the transformation of certain XSL templates via namespaces could trigger a denial of service (and, in related advisories, crashes) due to faulty handling when processing embedded DTDs or specific XSLT structures. Public notices from 2012–20...

CVE-2012-2825

The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service incorrect read operation via unspecified vectors...

CVE-2012-2127

fs/proc/root.c in the procfs implementation in the Linux kernel before 3.2 does not properly interact with CLONENEWPID clone system calls, which allows remote attackers to cause a denial of service reference leak and memory consumption by making many connections to a daemon that uses PID namespac...

Code injection

fs/proc/root.c in the procfs implementation in the Linux kernel before 3.2 does not properly interact with CLONENEWPID clone system calls, which allows remote attackers to cause a denial of service reference leak and memory consumption by making many connections to a daemon that uses PID namespac...