CVE-2013-4075

epan/dissectors/packet-gmr1bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service application crash via a crafted packet...

CVE-2013-4075

epan/dissectors/packet-gmr1bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service application crash via a crafted packet...

DEBIAN-CVE-2013-4075

epan/dissectors/packet-gmr1bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service application crash via a crafted packet...

CVE-2013-4075

epan/dissectors/packet-gmr1bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service application crash via a crafted packet...

CVE-2013-4075

epan/dissectors/packet-gmr1bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service application crash via a crafted packet...

CVE-2013-4075

epan/dissectors/packet-gmr1bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service application crash via a crafted packet...

Design/Logic Flaw

CoreMedia Playback in Apple Mac OS X before 10.8.4 does not properly initialize memory during the processing of text tracks, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted movie file...

CVE-2013-1024

CVE-2013-1024 is a memory‑initialization flaw in CoreMedia Playback for Mac OS X before 10.8.4, triggered by processing text tracks in a crafted movie file, allowing remote code execution or a denial of service. Related advisories reference Apple HT5784/HT6001, but the provided documents do not s...

tomcat: Improper TOMCAT_LOG management in init script (DoS, ACE)

The 1 tomcat5, 2 tomcat6, and 3 tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on a tomcat5-initd.log, b...

tomcat: Improper TOMCAT_LOG management in init script (DoS, ACE)

The 1 tomcat5, 2 tomcat6, and 3 tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on a tomcat5-initd.log, b...

Wireshark ASN.1 BER Dissector DoS Vulnerability - May 13 (Mac OS X)

This host is installed with Wireshark and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: gbwiresharkdosvulnmay13macosx.nasl 6115 2017-05-12 09:03:25Z teissa $ Wireshark ASN.1 BER Dissector DoS Vulnerability - May 13 Mac OS X Authors: Arun Kallavi Copyright: Copyright...

Mozilla Thunderbird ESR Multiple Vulnerabilities -01 May13 (Windows)

This host is installed with Mozilla Thunderbird ESR and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillathunderbirdesrmultvuln01may13win.nasl 6093 2017-05-10 09:03:18Z teissa $ Mozilla Thunderbird ESR Multiple Vulnerabilities -01 May13 Windows Authors: Arun Kallavi...

SIEMENS Solid Edge ST4 WebPartHelper ActiveX - RFMSsvs!JShellExecuteEx RCE

Exploit for windows platform in category remote exploits SIEMENS Solid Edge ST4 WebPartHelper ActiveX Control RFMSsvs!JShellExecuteEx Remote Command Execution Tested against: Microsoft Windows Server 2003 r2 sp2 Microsoft Windows XP sp3 Internet Explorer 8 Software description:...

Design/Logic Flaw

Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain...

CVE-2013-1675

Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain...

Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows

Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows ActiveX settings: Binary path: C:Program Files x86BorlandCaliberRMemsmtp.dll Version: 5.0.0.11 ProgID: EasyMail.SMTP.5 CLSID: 4610E7BF-710F-11D3-813D-00C04F6B92D0 Safe for Scripting: True Safe for Initialization: True...

krb5: PKINIT null pointer deref leads to DoS

The pkinitserverreturnpadata function in plugins/preauth/pkinit/pkinitsrv.c in the PKINIT implementation in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.10.4 attempts to find an agility KDF identifier in inappropriate circumstances, which allows remote attackers to cause a...

DEBIAN-CVE-2013-1415

The pkinitcheckkdcpkid function in plugins/preauth/pkinit/pkinitcryptoopenssl.c in the PKINIT implementation in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.10.4 and 1.11.x before 1.11.1 does not properly handle errors during extraction of fields from an X.509 certificate,...

Scientific Linux Security Update : dnsmasq on SL6.x i386/x86_64 (20130221)

It was discovered that dnsmasq, when used in combination with certain libvirtd configurations, could incorrectly process network packets from network interfaces that were intended to be prohibited. A remote, unauthenticated attacker could exploit this flaw to cause a denial of service via DNS...

ipa security, bug fix and enhancement update

3.0.0-25.el6 - Filter generated winbind dependencies so the right version of samba can be installed. 905594 3.0.0-24.el6 - Add certmonger condrestart to server post scriptlet 903758 - Make certmonger a pre Requires 903758 - Add selinux-policy to Requirespre to avoid post scriptlet AVCs 903758 - S...