Advance Notification Service for the November 2014 Security Bulletin Release

Today, we provide advance notification for the release of 16 Security Bulletins. Five of these updates are rated Critical, nine are rated as Important, and two are rated Moderate in severity. These updates are for Microsoft Windows, Internet Explorer, Office, Exchange, .NET Framework, Internet...

QQ input method pure version 1. 1 The presence of IME vulnerability-vulnerability warning-the black bar safety net

In the login system before, or Telnet before you can open the input method selected help, you can open the IE browser, by saving the page you can open the computer file list. The main is now popular PC end windows 8 system...

DEBIAN-CVE-2014-5026

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a 1 Graph Tree Title in a delete or 2 edit action; 3 CDEF Name, 4 Data Input Method Name, or 5 Host Templates Name in a delete action; ...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a 1 Graph Tree Title in a delete or 2 edit action; 3 CDEF Name, 4 Data Input Method Name, or 5 Host Templates Name in a delete action; ...

UBUNTU-CVE-2014-5026

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a 1 Graph Tree Title in a delete or 2 edit action; 3 CDEF Name, 4 Data Input Method Name, or 5 Host Templates Name in a delete action; ...

CVE-2014-5026

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a 1 Graph Tree Title in a delete or 2 edit action; 3 CDEF Name, 4 Data Input Method Name, or 5 Host Templates Name in a delete action; ...

[SECURITY] Fedora 20 Update: libfep-0.1.0-1.fc20

The libfep project aims to provide a server and a library to implement input method FEP front end processor, running on ANSI compliant terminals...

[SECURITY] Fedora 19 Update: libfep-0.1.0-1.fc19

The libfep project aims to provide a server and a library to implement input method FEP front end processor, running on ANSI compliant terminals...

Fedora Update for ibus-chewing FEDORA-2014-1910

Check for the Version of ibus-chewing OpenVAS Vulnerability Test Fedora Update for ibus-chewing FEDORA-2014-1910 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

[SECURITY] Fedora 20 Update: ibus-chewing-1.4.10.1-1.fc20

IBus-chewing is an IBus front-end of Chewing, an intelligent Chinese input method for Zhuyin BoPoMoFo users. It supports various Zhuyin keyboard layout, such as standard DaChen, IBM, Gin-Yeah, Eten, Eten 26, Hsu, Dvorak, Dvorak-Hsu, and DaChen26. Chewing also support toned Hanyu pinyin input...

DEBIAN-CVE-2013-4509

The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allows physically proximate attackers to obtain a user password by reading the lockscreen...

JVN#80922020: ArtIME Japanese Input vulnerable to information disclosure

ArtIME Japanese Input is a Japanese Input Method Editor IME for Android devices. ArtIME Japanese Input contains an issue in the access permissions for the certain files. Impact If a user of the affected product uses other malicious Android application, information managed by the affected product...

Scientific Linux Security Update : gtk2 on SL5.x i386/x86_64 (20130108)

An integer overflow flaw was found in the X BitMap XBM image file loader in GTK+. A remote attacker could provide a specially crafted XBM image file that, when opened in an application linked against GTK+ such as Nautilus, would cause the application to crash. CVE-2012-2370 This update also fixes...

RedHat Update for gtk2 RHSA-2013:0135-01

Check for the Version of gtk2 OpenVAS Vulnerability Test RedHat Update for gtk2 RHSA-2013:0135-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

gtk2 security update

CentOS Errata and Security Advisory CESA-2013:0135 Updated gtk2 packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVS...

RHEL 5 : gtk2 (RHSA-2013:0135)

Updated gtk2 packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

Sogou mobile phone input method sites exist SQL injection vulnerability-vulnerability warning-the black bar safety net

Vulnerability type: SQL injection vulnerability Hazard rating: low The self-assessment Rank of: 5 Vulnerability status: the vendor has confirmed Brief description: Browse sogou input method web site, found that the presence ofSQL injectionvulnerabilities. Detailed description: 1...

Microsoft Office IME (Chinese) Privilege Elevation Vulnerability (2652016)

This host is missing an important security update according to Microsoft Bulletin MS11-088. OpenVAS Vulnerability Test $Id: secpodms11-088.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft Office IME Chinese Privilege Elevation Vulnerability 2652016 Authors: Antu Sanadi Copyright: Copyright c 2011...

Microsoft Office IME (Chinese) Privilege Elevation Vulnerability (2652016)

This host is missing an important security update according to Microsoft Bulletin MS11-088. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2011-2010

The CVE-2011-2010 issue affects the Microsoft Office IME (Chinese) for Simplified Chinese in Pinyin IME 2010 family (MSPY), including Office Pinyin SimpleFast Style 2010 and Office Pinyin New Experience Style 2010. The root cause is improper restriction of configuration options in the IME toolbar...