7670 matches found

Zero Day Initiative
added 2014/09/16 12:0 a.m. · 28 views

Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8 CVSS · 6.3 AI score · 0.15762 EPSS
Exploits 0 · References 1

Tenable Nessus
added 2014/09/16 12:0 a.m. · 32 views

openSUSE Security Update : LibreOffice (openSUSE-SU-2014:1126-1)

This update fixes memory corruption vulnerability in DOCM import and data exposure using crafted OLE objects. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-540. The text...

6.8 CVSS · 7.7 AI score · 0.09871 EPSS
Exploits 1 · References 5

Zero Day Initiative
added 2014/09/16 12:0 a.m. · 29 views

Microsoft Internet Explorer CTable Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8 CVSS · 6.3 AI score · 0.18139 EPSS
Exploits 0 · References 1

Positive Technologies
added 2014/09/16 12:0 a.m. · 2 views

PT-2014-2327 · Plone +1

Name of the Vulnerable Software and Affected Versions: Plone versions prior to 4.2.3; Plone version 4.3 before beta 1. Description: The issue allows remote attackers to change the titles of content items by leveraging a valid CSRF token in a crafted request. This is possible due to a flaw in the...

6.9 CVSS · 6.1 AI score · 0.01001 EPSS
Exploits 0 · References 22

Zero Day Initiative
added 2014/09/16 12:0 a.m. · 22 views

Microsoft Internet Explorer CAttrArray Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8 CVSS · 6.3 AI score · 0.18139 EPSS
Exploits 0 · References 1

Zero Day Initiative
added 2014/09/16 12:0 a.m. · 31 views

Microsoft Internet Explorer CTableOMRowCache Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

6.8 CVSS · 6.4 AI score · 0.15762 EPSS
Exploits 0 · References 1

OPENSUSE Linux
added 2014/09/15 9:4 a.m. · 27 views

LibreOffice: two security fixes (important)

This update fixes memory corruption vulnerability in DOCM import and data exposure using crafted OLE objects...

6.8 CVSS · 2.4 AI score · 0.09871 EPSS
Exploits 1 · References 2

Tenable Nessus
added 2014/09/15 12:0 a.m. · 36 views

Fedora 20 : libreoffice-4.2.6.3-3.fc20 (2014-10732)

CVE-2014-3575: arbitrary file preview disclosure via ole2 objects. The vulnerability allows an attacker to send a document which when opened will trigger the prompt to 'Update Links' but if the user cancels that prompt may still generate and insert into the document an OLE2 preview image of a file ...

4.3 CVSS · 7.8 AI score · 0.09871 EPSS
Exploits 0 · References 3

rdot
added 2014/09/06 12:0 a.m. · 582 views

Retrieving all tables and their columns at once MSSQL

In the Name of ALLAH the Most Beneficent and the Merciful. Zenodermus, Ch3rn0by1 and I were working on MSSQL when Zenodermus thought to make a DIOS for MSSQL. Previously at Code: http://websec.ca/kb/sqlinjection DIOS is under the heading Retrieving Multiple Tables and Columns. Code: AND 1=0; BEGIN...

7.2 AI score
Exploits 0

OSV
added 2014/09/05 5:55 p.m. · 1 views

DEBIAN-CVE-2014-5256

Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider the possibility of recursive processing that triggers V8 garbage collection in conjunction with a V8 interrupt, which allows remote attackers to cause a denial of service (memory corruption and application crash) via deep JSON...

5 CVSS · 7.2 AI score · 0.01263 EPSS
Exploits 1 · References 1

NVD
added 2014/09/05 5:55 p.m. · 22 views

CVE-2014-5256

Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider the possibility of recursive processing that triggers V8 garbage collection in conjunction with a V8 interrupt, which allows remote attackers to cause a denial of service (memory corruption and application crash) via deep JSON...

5 CVSS · 8.7 AI score · 0.01263 EPSS
Exploits 1 · References 6

Debian CVE
added 2014/09/05 5:0 p.m. · 30 views

CVE-2014-5256

Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider the possibility of recursive processing that triggers V8 garbage collection in conjunction with a V8 interrupt, which allows remote attackers to cause a denial of service (memory corruption and application crash) via deep JSON...

5 CVSS · 6.5 AI score · 0.01263 EPSS
Exploits 1

Fedora
added 2014/08/30 3:55 a.m. · 35 views

[SECURITY] Fedora 20 Update: zarafa-7.1.10-4.fc20

The Zarafa Collaboration Platform is a Microsoft Exchange replacement. The Open Source Collaboration provides an integration with your existing Linux mail server, native mobile phone support by ActiveSync compatibility and a webaccess with 'Look & Feel' similar to Outlook using Ajax. Including an...

2.1 CVSS · 1.6 AI score · 0.00048 EPSS
Exploits 0

NVD
added 2014/08/27 12:55 a.m. · 14 views

CVE-2014-3575

The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects...

4.3 CVSS · 6.5 AI score · 0.09871 EPSS
Exploits 0 · References 11

Prion
added 2014/08/27 12:55 a.m. · 25 views

Design/Logic Flaw

The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects...

4.3 CVSS · 7.1 AI score · 0.09871 EPSS
Exploits 0 · References 11 · Affected Software 5

Cvelist
added 2014/08/27 12:0 a.m. · 32 views

CVE-2014-3575

The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects...

6.4 AI score · 0.09871 EPSS
Exploits 0 · References 11

UbuntuCve
added 2014/08/26 12:0 a.m. · 27 views

CVE-2014-3575

The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects...

4.3 CVSS · 7.3 AI score · 0.09871 EPSS
Exploits 0 · References 2

OSV
added 2014/08/26 12:0 a.m. · 0 views

UBUNTU-CVE-2014-3575

The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects...

4.3 CVSS · 7.3 AI score · 0.09871 EPSS
Exploits 0 · References 3

securityvulns
added 2014/08/24 12:0 a.m. · 63 views

CVE-2014-3575:OpenOffice Targeted Data Exposure Using Crafted OLE Objects

CVE-2014-3575 OpenOffice Targeted Data Exposure Using Crafted OLE Objects. Severity: Important. Vendor: The Apache Software Foundation. Versions Affected: Apache OpenOffice 4.1.0 and older on Windows. OpenOffice.org versions are also affected. Descriptio...

4.3 CVSS · 1 AI score · 0.09871 EPSS
Exploits 0

Fedora
added 2014/08/23 2:1 a.m. · 36 views

[SECURITY] Fedora 20 Update: rubygem-activerecord-4.0.0-4.fc20

Implements the ActiveRecord pattern (Fowler, PoEAA) for ORM. It ties database tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL...

7.5 CVSS · 1.4 AI score · 0.00924 EPSS
Exploits 0