DEBIAN-CVE-2014-5270

Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it easier for physically proximate attackers to conduct key-extraction attacks by leveraging the ability to collect voltage data from exposed...

flash-plugin: multiple code execution or security bypass flaws (APSB14-21)

Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 do not...

Flash Player <= 14.0.0.179 Multiple Vulnerabilities (APSB14-21)

According to its version, the installation of Flash Player installed on the remote Windows host is equal or prior to 14.0.0.179. It is, therefore, affected by the following vulnerabilities : - Unspecified memory corruption issues exist that allow arbitrary code execution. CVE-2014-0547,...

MS KB2987114: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer

The remote host is missing KB2987114. It is, therefore, affected by the following vulnerabilities : - Unspecified memory corruption issues exist that allow arbitrary code execution. CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0555 - An unspecified error...

Adobe AIR <= AIR 14.0.0.178 Multiple Vulnerabilities (APSB14-21)

According to its version, the installation of Adobe AIR on the remote Windows host is equal or prior to 14.0.0.178. It is, therefore, affected by the following vulnerabilities : - Unspecified memory corruption issues exist that allow arbitrary code execution. CVE-2014-0547, CVE-2014-0549,...

Google Chrome < 37.0.2062.120 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is a version prior to 37.0.2062.120. It is, therefore, affected by the following vulnerabilities : - A use-after-free error exists related to rendering that allows a remote attacker to execute arbitrary code. CVE-2014-3178 - Unspecified...

What does a pointer look like, anyway?

Posted by Chris Evans, Renderer of Modern Art In Adobe’s August 2014 Flash Player security update, we see: These updates resolve memory leakage vulnerabilities that could be used to bypass memory address randomization CVE-2014-0540, CVE-2014-0542, CVE-2014-0543, CVE-2014-0544, CVE-2014-0545. I...

SuSE 11.3 Security Update : flash-player (SAT Patch Number 9612)

This flash-player update fixes the following security issues : - These updates resolve memory leakage vulnerabilities that could have been used to bypass memory address randomization. CVE-2014-0540 / CVE-2014-0542 / CVE-2014-0543 / CVE-2014-0544 / CVE-2014-0545 - These updates resolve a security...

Updated flash-player-plugin packages fix security vulnerabilities

Adobe Flash Player 11.2.202.400 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves memory leakage vulnerabilities that could be used to bypass memory address...

UBUNTU-CVE-2014-5270

Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it easier for physically proximate attackers to conduct key-extraction attacks by leveraging the ability to collect voltage data from exposed...

flash-plugin: multiple code execution or security bypass flaws (APSB14-18)

Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly...

flash-plugin: multiple code execution or security bypass flaws (APSB14-18)

Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly...

flash-plugin: multiple code execution or security bypass flaws (APSB14-18)

Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly...

Adobe AIR <= AIR 14.0.0.110 Multiple Vulnerabilities (APSB14-18)

According to its version, the instance of Adobe AIR on the remote Windows host is equal or prior to 14.0.0.110. It is, therefore, affected by the following vulnerabilities : - A use-after-free error exits that allows code execution. CVE-2014-0538 - An unspecified security bypass error exists...

Flash Player <= 14.0.0.145 Multiple Vulnerabilities (APSB14-18)

According to its version, the instance of Flash Player installed on the remote Windows host is equal or prior to 14.0.0.145. It is, therefore, affected by the following vulnerabilities : - A use-after-free error exists that allows code execution. CVE-2014-0538 - An unspecified security bypass err...

Linux/x86-64 - Disable ASLR Security - 143 bytes

No description provided by source. / Title: Linux/x86-64 - Disable ASLR Security - 143 bytes Date: 2010-06-17 Tested: Archlinux x8664 k2.6.33 Author: Jonathan Salwan Web: http://shell-storm.org | http://twitter.com/jonathansalwan ! Dtabase of shellcodes http://www.shell-storm.org/shellcode/...

PaX 2.6 Kernel Patch Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10264/info PaX for 2.6 series Linux kernels has been reported prone to a local denial of service vulnerability. The issue is reported to present itself when PaX Address Space Layout Randomization Layout ASLR is enabled. T...

Python <= 2.4.2 realpath() Local Stack Overflow Exploit

No description provided by source. !/usr/bin/python gexp-python.py Python = 2.4.2 realpath Local Stack Overflow ----------------------------------------------- Against VA Space Randomization. Copyright c 2006 Gotfault Security Bug found and developed by: dx/vaxen Gotfault Security, posidron Tripb...

Microsoft Internet Explorer Enhanced Protection Mode (EPM) Detection

The remote host has Enhanced Protection Mode EPM enabled for the Microsoft Internet Explorer web browser. Enhanced Protection Mode EPM is an added layer of protection first added in Microsoft Internet Explorer version 10 that provides a security feature set that includes : - individual browser ta...

openSUSE Security Update : xtrabackup (openSUSE-SU-2014:0245-1)

This update fixes the following security and non-security issues with xtrabackup : - update to 2.1.7 bnc860488 - general changes : - rebased on MySQL versions 5.5.35 and 5.6.15 - now uses libgcrypt randomization functions for setting the IV lp1255300 bnc852224 CVE-2013-6394 - bugs fixed : - After...