CVE-2013-5634

arch/arm/kvm/arm.c in the Linux kernel before 3.10 on the ARM platform, when KVM is used, allows host OS users to cause a denial of service NULL pointer dereference, OOPS, and host OS crash or possibly have unspecified other impact by omitting vCPU initialization before a KVMGETREGLIST ioctl call...

PT-2013-5702 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.10 Description: The issue affects the Linux kernel on the ARM platform when KVM is used, allowing host OS users to cause a denial of service, including a NULL pointer dereference, OOPS, and host OS crash, or...

CVE-2013-1725

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not ensure that initialization occurs for JavaScript objects with compartments, which allows remote attackers to execute arbitrary code by...

Design/Logic Flaw

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not ensure that initialization occurs for JavaScript objects with compartments, which allows remote attackers to execute arbitrary code by...

CVE-2013-1728

Affected software: Mozilla Firefox (before 24.0), Thunderbird (before 24.0), and SeaMonkey (before 2.21). Root cause: IonMonkey memory not properly initialized when Valgrind mode is used, enabling potential leakage of sensitive data. Impact: remote attackers could obtain sensitive information via...

CVE-2013-1728

The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote attackers to obtain sensitive information via unspecified vectors...

CVE-2013-1725

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not ensure that initialization occurs for JavaScript objects with compartments, which allows remote attackers to execute arbitrary code by...

Ubuntu Update for firefox USN-1951-1

Check for the Version of firefox OpenVAS Vulnerability Test $Id: gbubuntuUSN19511.nasl 8542 2018-01-26 06:57:28Z teissa $ Ubuntu Update for firefox USN-1951-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free softwar...

Mozilla: Calling scope for new Javascript objects can lead to memory corruption (MFSA 2013-82)

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not ensure that initialization occurs for JavaScript objects with compartments, which allows remote attackers to execute arbitrary code by...

CVE-2013-1725

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not ensure that initialization occurs for JavaScript objects with compartments, which allows remote attackers to execute arbitrary code by...

CVE-2013-1728

The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote attackers to obtain sensitive information via unspecified vectors...

Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2012-137) (ROBOT)

Multiple improper permission check issues were discovered in the Beans, Swing, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. CVE-2012-5086 , CVE-2012-5084 , CVE-2012-5089 Multiple improper permission check issues...

FreeBSD -- Kernel memory disclosure in sctp(4)

Problem Description: When initializing the SCTP state cookie being sent in INIT-ACK chunks, a buffer allocated from the kernel stack is not completely initialized. Impact: Fragments of kernel memory may be included in SCTP packets and transmitted over the network. For each SCTP session, there are...

Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3187)

A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a...

DEBIAN-CVE-2013-4920

The P1 dissector in Wireshark 1.10.x before 1.10.1 does not properly initialize a global variable, which allows remote attackers to cause a denial of service application crash via a crafted packet...

CVE-2013-4920

The P1 dissector in Wireshark 1.10.x before 1.10.1 does not properly initialize a global variable, which allows remote attackers to cause a denial of service application crash via a crafted packet...

IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5 Multiple Vulnerabilities

IBM WebSphere Application Server 8.5 before Fix Pack 8.5.5 appears to be running on the remote host and is, therefore, potentially affected by the following vulnerabilities : - The TLS protocol in the GSKIT component is vulnerable to a plaintext recovery attack. CVE-2013-0169, PM85211 - The...

Updated python-suds package fixes security vulnerability

An insecure temporary directory use flaw was found in the way python-suds performed initialization of its internal file-based URL cache predictable location was used for directory to store the cached files. A local attacker could use this flaw to conduct symbolic link attacks, possibly leading to...

Oracle Linux 4 : kernel (ELSA-2008-0607)

From Red Hat Security Advisory 2008:0607 : Updated kernel packages that fix a security issue and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Lin...

Oracle Linux 5 : kernel (ELSA-2009-1548)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2009-1548 advisory. - fs fix pipe null pointer dereference Jeff Moyer 530938 530939 CVE-2009-3547 - security require root for mmapminaddr Eric Paris 518142 518143...