Fedora 19 : arm-none-eabi-binutils-cs-2014.05.28-3.fc19 (2014-14874)

fix directory traversal vulnerability 1162657 - fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable - fix CVE-2014-8502: heap overflow in objdump - fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file - fix CVE-2014-8504: stack...

Fedora 21 : avr-binutils-2.24-4.fc21 (2014-14995)

fix directory traversal vulnerability - fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable - fix CVE-2014-8502: heap overflow in objdump - fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file - fix CVE-2014-8504: stack overflow in...

Fedora 20 : arm-none-eabi-binutils-cs-2014.05.28-3.fc20 (2014-14833)

fix directory traversal vulnerability 1162657 - fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable - fix CVE-2014-8502: heap overflow in objdump - fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file - fix CVE-2014-8504: stack...

Updated gnutls package fix security vulnerability

An out-of-bounds memory write flaw was found in the way GnuTLS parsed certain ECC Elliptic Curve Cryptography certificates or certificate signing requests CSR. A malicious user could create a specially crafted ECC certificate or a certificate signing request that, when processed by an application...

DEBIAN-CVE-2014-3689

The vmware-vga driver hw/display/vmwarevga.c in QEMU allows local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling...

Scientific Linux Security Update : gnutls on SL7.x x86_64 (20141112)

An out-of-bounds memory write flaw was found in the way GnuTLS parsed certain ECC Elliptic Curve Cryptography certificates or certificate signing requests CSR. A malicious user could create a specially crafted ECC certificate or a certificate signing request that, when processed by an application...

RedHat Update for gnutls RHSA-2014:1846-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS Update for gnutls CESA-2014:1846 centos7

Check the version of gnutls SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882080";...

Moderate: Red Hat Security Advisory: gnutls security update

Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from...

gnutls: out-of-bounds memory write

An out-of-bounds memory write flaw was found in the way GnuTLS parsed certain ECC Elliptic Curve Cryptography certificates or certificate signing requests CSR resulting in heap corruption...

Microsoft Internet Explorer CSS Transition Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. By setting a "background" style...

openssl: race condition in ssl_parse_serverhello_tlsext

A race condition was found in the way OpenSSL handled ServerHello messages with an included Supported EC Point Format extension. A malicious server could possibly use this flaw to cause a multi-threaded TLS/SSL client using OpenSSL to write into freed memory, causing the client to crash or execut...

FreeBSD 4.4 AIO Library Cross Process Memory Write Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3661/info aio.h is a library implementing the POSIX standard for asynchronous I/O. Support for AIO may be enabled in FreeBSD by compiling the kernel with the VFSAIO option. This option is not enabled in the default kernel...

Microsoft WINS Service Memory Overwrite

No description provided by source. $Id: ms04045wins.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

openSUSE Security Update : libxml2 (openSUSE-SU-2012:0731-1)

specially crafted xpath statements could cause an out of bounds memory write %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-320. The text description of this plugin is C SUSE LL...

PT-2014-47: Arbitrary memory write in Honeywell EPKS

The specialists of the Positive Research center have detected an Arbitrary memory write vulnerability in Honeywell EPKS. Arbitratry memory write was discovered in function readexactsilentmaster from dualonsrv.exe module which could lead to possible remote code execution or denial of service. How ...

Apple QuickTime Multiple Vulnerabilities (Mar 2014) - Windows

Apple QuickTime player is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:quicktime";...

VulnCheck KEV: CVE-2013-3918

Microsoft Windows contains an out-of-bounds write vulnerability in the InformationCardSigninHelper Class ActiveX control, icardie.dll. An attacker could exploit the vulnerability by constructing a specially crafted webpage. When a user views the webpage, the vulnerability could allow remote...

CVE-2013-3077

Multiple integer overflows in the IPMSFILTER and IPV6MSFILTER features in 1 sys/netinet/inmcast.c and 2 sys/netinet6/in6mcast.c in the multicast implementation in the kernel in FreeBSD 8.3 through 9.2-PRERELEASE allow local users to bypass intended restrictions on kernel-memory read and write...

Another Java zero-day vulnerability being exploited in the wild

Do you still have Java installed? There is a bad news for you ! FireEye has detected yet another Java zero-day vulnerability being exploited in attacks in the wild. The vulnerability targets browsers that have the latest version of the Java plugin installed Java v1.6 Update 41 and Java v1.7 Updat...