Symantec Norton AntiVirus 2002 Nested File Manual Scan Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10164/info A vulnerability has been reported in Symantec Norton AntiVirus 2002 that may potentially cause deeply nested files with specific names to bypass manual scanning. This could permit malicious executable content t...

Baidu Spark Browser v26.5.9999.3511 Remote Stack Overflow Vulnerability (DoS)

Summary Spark Browser is a free Internet browser with very sharp UIs and cool utilities. It's based on the Chromium technology platform, giving it fast browsing capabilities. Description Spark Browser version 26.5.9999.3511 allows remote attackers to cause a denial of service application crash...

openSUSE Security Update : seamonkey (openSUSE-SU-2014:0008-1)

This update fixes the following security issues with SeaMonkey : - update to SeaMonkey 2.23 bnc854370 - requires NSPR 4.10.2 and NSS 3.15.3.1 - MFSA 2013-104/CVE-2013-5609/CVE-2013-5610 Miscellaneous memory safety hazards - MFSA 2013-105/CVE-2013-5611 bmo771294 Application Installation doorhanger...

CVE-2013-1864

The CVE-2013-1864 issue affects PTLib (Portable Tool Library) before 2.10.10 as used in Ekiga before 4.0.1. The vulnerability arises from improper detection of recursion during entity expansion, enabling a remote attacker to cause a denial of service via crafted PXML documents with a very large n...

UBUNTU-CVE-2014-3243

SOAPpy 0.12.5 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted SOAP request containing a large number of nested entity references...

CVE-2014-3243

Removed by vendor...

CVE-2014-3243

SOAPpy 0.12.5 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted SOAP request containing a large number of nested entity references...

UBUNTU-CVE-2014-3145

The BPFSANCNLATTRNEST extension implementation in the skrunfilter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service over-read and system crash via crafted BPF instructions. NOTE:...

Microsoft XML Core Services Nested Tag Memory Corruption- Ver2 (CVE-2007-0099)

A memory corruption vulnerability has been reported in Xml Core Services. The vulnerability is due to the way that Microsoft XML Core Services handles nested tags. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVE-2013-7332

The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted XML document containing a large number of nested entity...

Design/Logic Flaw

The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted XML document containing a large number of nested entity...

Mozilla: Sandbox restrictions not applied to nested object elements (MFSA 2013-107)

Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site...

Mozilla: Sandbox restrictions not applied to nested object elements (MFSA 2013-107)

Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site...

Sandbox restrictions not applied to nested object elements — Mozilla

Mozilla security developer Daniel Veditz discovered that restrictions are not applied to an element contained within a sandboxed iframe. This could allow content hosted within a sandboxed iframe to use element to bypass the sandbox restrictions that should be applied...

DEBIAN-CVE-2013-1813

util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors...

CVE-2013-1813

util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors...

CVE-2013-1813

util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors...

CVE-2013-1813

util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors...

busybox: insecure directory permissions in /dev

util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors...

DEBIAN-CVE-2013-4551

Xen 4.2.x and 4.3.x, when nested virtualization is disabled, does not properly check the emulation paths for 1 VMLAUNCH and 2 VMRESUME, which allows local HVM guest users to cause a denial of service host crash via unspecified vectors related to "guest VMX instruction execution."...