Wireshark 1.5.1 Development Release !

Wireshark 1.5.1 Development Release ! Wireshark 1.5.1 has been released. Installers for Windows, OS X, and source code are now available. New and Updated Features The following features are new or have been significantly updated since version 1.4: 1. Wireshark can import text dumps, similar to...

[SECURITY] Fedora 15 Update: rubygem-activerecord-3.0.5-1.fc15

Implements the ActiveRecord pattern Fowler, PoEAA for ORM. It ties databa se tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL...

CVE-2009-5064

ldd in the GNU C Library aka glibc or libc6 2.13 and earlier allows local users to gain privileges via a Trojan horse executable file linked with a modified loader that omits certain LDTRACELOADEDOBJECTS checks. NOTE: the GNU C Library vendor states "This is just nonsense. There are a gazillion...

CVE-2011-1205

The CVE-2011-1205 entry concerns multiple buffer overflows in unspecified COM objects within IBM Rational licensing components used by Rational ClearCase 7.0.0.4–7.1.1.4, ClearQuest 7.0.0.4–7.1.1.4, and related products. The root cause is buffer overflows in COM objects that can be triggered by r...

Google Chrome Multiple Vulnerabilities - March 11(Windows)

The host is running Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultdosvulnmar11win.nasl 7052 2017-09-04 11:50:51Z teissa $ Google Chrome Multiple Denial of Service Vulnerabilities - March 11Windows Authors: Madhuri D Copyright: Copyright ...

CVE-2011-1199

Google Chrome before 10.0.648.127 does not properly handle DataView objects, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via unknown vectors...

CVE-2011-1199

Removed by vendor...

[SECURITY] Fedora 15 Update: pywebdav-0.9.4.1-1.fc15

WebDAV library for Python. WebDAV is an extension to the normal HTTP/1.1 protocol allowing the user to upload data, create collections of objects, store properties for objects, etc...

CVE-2011-0115

The DOM level 2 implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, does not properly handle DOM manipulations associated with event listeners during processing of range objects, which allows man-in-the-middle attackers to execute arbitrary code or cause a...

Memory corruption during text run construction (Windows) — Mozilla

Alex Miller reported that when very long strings were constructed and inserted into an HTML document, the browser would incorrectly construct the layout objects used to display the text. Under such conditions an incorrect length would be calculated for a text run resulting in too small of a memor...

Microsoft PowerPoint 2007 OfficeArt Atom Remote Code Execution Vulnerability

This host is installed with Microsoft Office Power Point and is prone to remote code execution vulnerability. This NVT has been replaced by NVT secpodms11-022.nasl OID:1.3.6.1.4.1.25623.1.0.902411. OpenVAS Vulnerability Test $Id: gbmspowerpointcodeexecvuln.nasl 6538 2017-07-05 11:38:27Z cfischer ...

CVE-2011-0980

Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly parse Office Art objects, which allows remote attackers to execute arbitrary code via vectors related to a function pointer, aka "Excel Dangling Pointer Vulnerability."...

glibc security and bug fix update

2.12-1.7.el60.3 - Require suid bit on audit objects in privileged programs 645679, CVE-2010-3856 2.12-1.7.el60.2 - Never expand in privileged programs 643821 2.12-1.7.el60.1 - Fix bug in generic strstr/memmem implementation handling certain repeated patterns 643341 - Correctly align TCB for AVX...

(0Day) Microsoft PowerPoint 2007 OfficeArt Atom Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Powerpoint 2007. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with t...

Microsoft Internet Explorer 'ReleaseInterface()' Remote Code Execution Vulnerability

This host is installed with Internet Explorer and is prone to remote code execution vulnerability. This NVT has been replaced by NVT secpodms11-018.nasl OID:1.3.6.1.4.1.25623.1.0.900278. OpenVAS Vulnerability Test $Id: gbmsiereleaseinterfacecodeexecutionvuln.nasl 6526 2017-07-05 05:43:52Z cfische...

Zero day vulnerability begin in Windows MHTML renderer !

Microsoft has aloof appear aegis advising 2501696 acknowledging a fresh aught day blemish in all accepted versions of Windows except Server Core. The blemish appears to acquiesce maliciously crafted web pages to assassinate cipher in any "zone" behindhand of which area is specified. Any...

CVE-2011-0410

CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for network communication and the internal database, which makes it easier for context-dependent attackers to obtain sensitive information by 1 sniffing the network for transmissions of Java objects or 2 reading the database...

CVE-2011-0410

CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for network communication and the internal database, which makes it easier for context-dependent attackers to obtain sensitive information by 1 sniffing the network for transmissions of Java objects or 2 reading the database...

CVE-2010-3856

ld.so in the GNU C Library aka glibc or libc6 before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LDAUDIT environment variable to reference dynamic shared objects DSOs as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a...

DEBIAN-CVE-2010-3856

ld.so in the GNU C Library aka glibc or libc6 before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LDAUDIT environment variable to reference dynamic shared objects DSOs as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a...