LibreOffice Calc And Writer File Disclosure Vulnerability - Windows

LibreOffice is prone to arbitrary file disclosure vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Foxit Reader < 8.2.1 Multiple Vulnerabilities

Binary data 9985.prm...

Debian DSA-3792-1 : libreoffice - security update

Ben Hayak discovered that objects embedded in Writer and Calc documents may result in information disclosure. Please see https://www.libreoffice.org/about-us/security/advisories/cve-2017-3157 /for additional information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...

UBUNTU-CVE-2017-3157

By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections to store the information, tricking the user in...

CVE-2017-3157

By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections to store the information, tricking the user in...

USN-3196-1 php5 vulnerabilities

It was discovered that PHP incorrectly handled certain arguments to the localegetdisplayname function. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2014-9912 It was discovered that PHP incorrectly handled...

IBM WebSphere Application Server Multiple Vulnerabilities (swg21997743, swg21993797, swg21992315)

IBM WebSphere Application Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Gradle Arbitrary Code Execution Vulnerability

Gradle is a set of JVM-based project build tools , it supports maven, Ivy repository and so on. A security vulnerability exists in the Object Socket Wrapper.java file in Gradle version 2.12. Remote attackers can exploit the vulnerability to execute arbitrary code with the help of specially crafte...

Malicious Code Vulnerability Due To Allowing Access To Mutable Objects

gateway is vulnerable to a malicious code vulnerability. The vulnerability exists because it is allowing access to mutable objects by not using final keyword appropriately in the code...

Dump and Analyze .Net Applications Memory: MemoScope.Net

Dump and Analyze .Net Applications Memory MemoScope.Net is a tool to analyze .Net process memory: it can dump an application’s memory in a file and read it later. The dump file contains all data objects and threads state, stack, call stack. MemoScope.Net will analyze the data and help you to find...

Denial Of Service (DoS)

libgit2 is vulnerable to denial of service DoS attacks. The vulnerability exists because gitoidnfmt function in oid.c parses raw objects which allows the attackers to launch denial of service using a cat-file command with an object file...

ForgeRock OpenIDM and OpenICF RACF Connector Component Arbitrary Code Execution Vulnerability

ForgeRock OpenIDM and OpenICF are both products of ForgeRock, USA. The former is a set of enterprise identity management software, the latter is a set of frameworks used to build or help develop a variety of connectors.RACF Connector is one of the security management connection components. A...

Bypassing Device-Resource Restrictions

Cordova is vulnerable to the bypass of intended device-resource restrictions. Leveraging on an event-based bridge, a library clone, and an IFRAME script execution, a remote attacker is able to directly access bridge JavaScript objects as demonstrated by certain cordova.require calls...

Mozilla: Pointer and frame data leakage of Javascript objects (MFSA 2017-02)

Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object's address can be discovered through hash codes, and also allows for data leakage of an object's content using these hash codes. This vulnerability affects Thunderbird 45.7, Firefox ESR 45....

CVE-2016-0320

IBM UrbanCode Deploy could allow an authenticated user to modify Ucd objects due to multiple REST endpoints not properly authorizing users editing UCD objects. This could affect the behavior of legitimately triggered processes...

CVE-2016-8919

IBM WebSphere Application Server may be vulnerable to a denial of service, caused by allowing serialized objects from untrusted sources to run and cause the consumption of resources...

CVE-2016-8919

IBM WebSphere Application Server may be vulnerable to a denial of service, caused by allowing serialized objects from untrusted sources to run and cause the consumption of resources...

CVE-2016-0320

CVE-2016-0320 affects IBM UrbanCode Deploy. Description: an authenticated user could modify UCD objects via multiple REST endpoints that do not properly authorize edits, potentially altering behavior of legitimately triggered processes. Affected versions include UrbanCode Deploy 6.0 through 6.2.x...

CVE-2016-0320

IBM UrbanCode Deploy could allow an authenticated user to modify Ucd objects due to multiple REST endpoints not properly authorizing users editing UCD objects. This could affect the behavior of legitimately triggered processes...

Mozilla Firefox < 51 Multiple Vulnerabilities

Binary data 9927.prm...