CVE-2011-2614

CVE-2011-2614 affects the SVG rendering in Opera prior to 11.50. The vulnerability allows a remote attacker to cause an application crash (DoS) by crafting a path with many drawn characters. Exploitation details are not provided in the sources; no in‑the‑wild exploit information is included. Reme...

Google Chrome Multiple Vulnerabilities (Linux) - June 11

This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodgooglechromemultvulnlinjun11.nasl 7006 2017-08-25 11:51:20Z teissa $ Google Chrome Multiple Vulnerabilities Linux - June 11 Authors: Madhuri D Copyright: Copyright c 2011...

Google Chrome Multiple Vulnerabilities (Windows) - June 11

This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodgooglechromemultvulnwinjun11.nasl 7019 2017-08-29 11:51:27Z teissa $ Google Chrome Multiple Vulnerabilities Windows - June 11 Authors: Madhuri D Copyright: Copyright c 2011...

Google Chrome Multiple Vulnerabilities (Jun 2011) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2011-1172

net/ipv6/netfilter/ip6tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...

CVE-2011-1171

net/ipv4/netfilter/iptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...

CVE-2011-1172

net/ipv6/netfilter/ip6tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...

CVE-2011-1170

net/ipv4/netfilter/arptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...

java security update

CentOS Errata and Security Advisory CESA-2011:0857 Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring Syst...

Debian DSA-2258-1 : kolab-cyrus-imapd - implementation error

It was discovered that the STARTTLS implementation of the Kolab Cyrus IMAP server does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted IMAP, LMTP, NNTP and POP3 sessions by sending a cleartext command that is processed after TLS is i...

DSA-2258-1 kolab-cyrus-imapd - implementation error

Bulletin has no description...

Debian DSA-2242-1 : cyrus-imapd-2.2 - implementation error

It was discovered that the STARTTLS implementation of the Cyrus IMAP server does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted IMAP, LMTP, NNTP and POP3 sessions by sending a cleartext command that is processed after TLS is in plac...

Debian DSA-2241-1 : qemu-kvm - implementation error

Nelson Elhage discovered that incorrect memory handling during the removal of ISA devices in KVM, a solution for full virtualization on x86 hardware, could lead to denial of service or the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

Debian DSA-2239-1 : libmojolicious-perl - several vulnerabilities

Several vulnerabilities have been discovered in Mojolicious, a Perl Web Application Framework. The linkto helper was affected by cross-site scripting and implementation errors in the MD5 HMAC and CGI environment handling have been corrected. The oldstable distribution lenny doesn't include...

CVE-2011-1810

Removed by vendor...

Design/Logic Flaw

The socket implementation in net/core/sock.c in the Linux kernel before 2.6.35 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service by sending a large amount of network traffic, related to the skaddbacklog function and the skrmemalloc...

CVE-2010-4251

The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service memory consumption by sending a large amount of network traffic, as demonstrated by netperf UDP tests...

[ MDVSA-2011:100 ] cyrus-imapd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:100 http://www.mandriva.com/security/ Package : cyrus-imapd Date : May 24, 2011 Affected: 2009.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Problem Description: A vulnerability has been identified and fix...

DSA-2242-1 cyrus-imapd-2.2 - implementation error

Bulletin has no description...

CVE-2011-2168

CVE-2011-2168 affects the glob implementation in OpenBSD’s libc prior to 4.9. It involves multiple integer overflows in the glob code, related to GLOB_APPEND and GLOB_DOOFFS flags, which could let context-dependent attackers trigger an unspecified impact via a crafted string. The provided documen...