Debian DSA-1880-1 : openoffice.org - several vulnerabilities

Several vulnerabilities have been discovered in the OpenOffice.org office suite. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-0200 Dyon Balding of Secunia Research has discovered a vulnerability, which can be exploited by opening a specially...

Mozilla Firefox/Thunderbird/SeaMonkey HTML Parser Remote Code Execution Vulnerability

Mozilla Firefox, SeaMonkey, and Thunderbird are prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed...

MediaWiki Parser Script Insertion (CVE-2006-2611)

A Wiki is generally referred to a collaborative online system that allows many users to easily contribute content by creating web pages that have a common look and feel and that may be changed and revised at any time. MediaWiki is a popular implementation of the Wiki system. It uses a number of P...

RedHat Update for PyXML RHSA-2010:0002-01

Check for the Version of PyXML OpenVAS Vulnerability Test RedHat Update for PyXML RHSA-2010:0002-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

Mandriva Security Advisory MDVSA-2009:211-1 (expat)

The remote host is missing an update to expat announced via advisory MDVSA-2009:211-1. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

FreeBSD : expat2 -- Parser crash with specially formatted UTF-8 sequences (5f030587-e39a-11de-881e-001aa0166822)

CVE reports : The updatePosition function in lib/xmltokimpl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service application crash via an XML document with crafted UTF-8 sequences that trigger a...

RHEL 5 : xerces-j2 (RHSA-2009:1615)

Updated xerces-j2 packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The xerces-j2 packages provide the Apache Xerces2 Java Parser, a high-performance XML parser....

CVE-2009-3373

Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors...

Mozilla Firefox 3.5.3 / SeaMonkey 1.1.17 - 'libpr0n' .GIF Parser Heap Buffer Overflow

source: https://www.securityfocus.com/bid/36855/info Mozilla Firefox and SeaMonkey are prone to a heap-based buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code and to cause denial-of-service conditions by tricking a victim into visiting a malicious webpage...

RealNetworks RealPlayer RealText Parsing Buffer Overflow (CVE-2005-1766)

RealPlayer is a media player developed by RealNetworks, Inc. It supports a streaming text technology called RealText to create presentations that include text content. RealText can stream documents consisting of purely text or closed-captioned video clips, for example. The RealText resources are...

tomcat XML parser information disclosure

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the 1 web.xml, 2 context.xml, or 3 tld files of arbitrary web applications via a crafted...

Design/Logic Flaw

The expat XML parser in the aprxml interface in xml/aprxml.c in Apache APR-util before 1.3.7, as used in the moddav and moddavsvn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service memory consumption via a crafted XML document containing a large number of nest...

Novell Groupwise fails to properly sanitize emails.

Affected product ---------------- Novell Groupwise webaccess Affected software: 7.x and 8.0 Vulnerability details --------------------- Groupwise WebAccess implements a security parser designed to prevent embedded scripts in HTML emails from executing in the users's browser. Unfortunately this...

[SECURITY] [DSA 1795-1] New ldns packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1795 [email protected] http://www.debian.org/security/ Devin Carraway May 07, 2009 http://www.debian.org/security/faq - ------------------------------------------------------------------------...

Mandriva Linux Security Advisory : freetype2 (MDVSA-2008:121)

Multiple vulnerabilities were discovered in FreeType's Printer Font Binary PFB font-file format parser. If a user were to load a carefully crafted font file with a program linked against FreeType, it could cause the application to crash or potentially execute arbitrary code CVE-2008-1806,...

Ubuntu Update for tcpdump vulnerability USN-429-1

Ubuntu Update for Linux kernel vulnerabilities USN-429-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4291.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for tcpdump vulnerability USN-429-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

RedHat Update for freetype RHSA-2008:0558-01

Check for the Version of freetype OpenVAS Vulnerability Test RedHat Update for freetype RHSA-2008:0558-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CentOS Update for freetype CESA-2008:0556 centos3 i386

Check for the Version of freetype OpenVAS Vulnerability Test CentOS Update for freetype CESA-2008:0556 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Amaya Web Editor 11.0 - XML HTML Parser

Amaya Web Editor 11.0 - XML HTML Parser -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Amaya web editor XML and HTML parser vulnerabilities 1. Advisory Information Title: Amaya web editor XML and HTML parser...

Amaya Web Editor 11.0 - XML / HTML Parser

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Amaya web editor XML and HTML parser vulnerabilities 1. Advisory Information Title: Amaya web editor XML and HTML parser vulnerabilities Advisory ID: CORE-2008-1211...