Solaris 9 (sparc) : 142846-04

Message Queue 4.4 Update 2 Patch 1 SunOS 5.9 5.10 Core product. Date this patch was last updated by Sun : Nov/19/10 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...

Solaris 10 (x86) : 127413-16 (deprecated)

Message Queue 4.1 Update 4 Patch 6x86 SunOS 5.9 5.10 Core product. Date this patch was last updated by Sun : Mar/12/12 This plugin has been deprecated and either replaced with individual 127413 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security,...

Solaris 9 (sparc) : 127411-16

Message Queue 4.1 Update 4 Patch 6 SunOS 5.9 5.10 Core product. Date this patch was last updated by Sun : Mar/12/12 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...

Solaris 9 (x86) : 127413-16

Message Queue 4.1 Update 4 Patch 6x86 SunOS 5.9 5.10 Core product. Date this patch was last updated by Sun : Mar/12/12 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...

Solaris 10 (sparc) : 127411-16 (deprecated)

Message Queue 4.1 Update 4 Patch 6 SunOS 5.9 5.10 Core product. Date this patch was last updated by Sun : Mar/12/12 This plugin has been deprecated and either replaced with individual 127411 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security, In...

wireshark: MQ dissector crash (wnpa-sec-2013-58, upstream bug 9079)

The dissectmqrr function in epan/dissectors/packet-mq.c in the MQ dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not properly determine when to enter a certain loop, which allows remote attackers to cause a denial of service application crash via a crafted packet...

Console: Stored cross-site scripting (XSS)

Multiple cross-site scripting XSS vulnerabilities in Fuse Management Console in Red Hat JBoss Fuse 6.0.0 before patch 3 and JBoss A-MQ 6.0.0 before patch 3 allow remote attackers to inject arbitrary web script or HTML via the 1 user field in the create user page or 2 profile version to the create...

DEBIAN-CVE-2013-5721

The dissectmqrr function in epan/dissectors/packet-mq.c in the MQ dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not properly determine when to enter a certain loop, which allows remote attackers to cause a denial of service application crash via a crafted packet...

CVE-2013-0170

Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by...

CVE-2013-0170

Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by...

CVE-2010-4438

Unspecified vulnerability in Oracle GlassFish 2.1, 2.1.1, and 3.0.1, and Java System Message Queue 4.1 allows local users to affect confidentiality, integrity, and availability, related to Java Message Service JMS...

Buffer overflow

Unspecified vulnerability in Oracle GlassFish 2.1, 2.1.1, and 3.0.1, and Java System Message Queue 4.1 allows local users to affect confidentiality, integrity, and availability, related to Java Message Service JMS...

CVE-2010-4438

Unspecified vulnerability in Oracle GlassFish 2.1, 2.1.1, and 3.0.1, and Java System Message Queue 4.1 allows local users to affect confidentiality, integrity, and availability, related to Java Message Service JMS...

CVE-2010-4438

Removed by vendor...

CVE-2010-4438

CVE-2010-4438 relates to a local privilege escalation in Oracle GlassFish Server (notably GlassFish 2.x/3.0.1 and JMS components). The OpenVAS entries confirm a GlassFish privilege-escalation vulnerability with CVSS base 5.7 (local access, partial confidentiality/integrity impact, complete availa...

CVE-2010-4438

Unspecified vulnerability in Oracle GlassFish 2.1, 2.1.1, and 3.0.1, and Java System Message Queue 4.1 allows local users to affect confidentiality, integrity, and availability, related to Java Message Service JMS...

kernel: ipc/compat*.c: reading uninitialized stack memory

The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the 1 compatsyssemctl, 2 compatsysmsgctl, and 3 compatsysshmctl functions in...

kernel: ipc/compat*.c: reading uninitialized stack memory

The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the 1 compatsyssemctl, 2 compatsysmsgctl, and 3 compatsysshmctl functions in...

ejabberd -- queue overload denial of service vulnerability

The Red Hat security response team reports: A remotely exploitable DoS from XMPP client to ejabberd server via too many "client2server" messages causing the message queue on the server to get overloaded, leading to server crash has been found...

Design/Logic Flaw

Sophos PureMessage Scanner service PMScanner.exe in PureMessage for Microsoft Exchange 3.0 before 3.0.2 allows remote attackers to cause a denial of service message queue delay and incomplete spam rule update via a crafted 1 RTF or 2 PDF file...