RIPv1 Reflection Amplification DDoS Attacks

A long-deprecated—and aptly named—routing protocol, RIPv1, still has some life to it. Hackers, since the middle of May, have been carrying out reflection- and amplification-style distributed denial of service attacks using home office and small business routers still running on the old protocol...

MGASA-2014-0435 Updated MythTV packages to harden against SSDP reflection attacks

Updated MythTV packages to harden against SSDP reflection attacks MythTV's UPNP component was suseptable to SSDP reflection attacks and has been hardened to disallow SSDP device discovery from non-local addresses as mitigation. Additionally, a popular schedules retrieval service, Schedules Direct...

SuSE9 Security Update : epiphany (YOU Patch Number 12616)

This update brings Mozilla SeaMonkey to 1.1.19 fixing various bugs and security issues. The following security issues are fixed : - Mozilla developers took fixes from previously fixed memory safety bugs in newer Mozilla-based products and ported them to the Mozilla 1.8.1 branch so they can be...

Mozilla Firefox multiple security vulnerabilities

Multiple memory corruptions on HTML and media formats parsing, NTLM reflection attacks, location spoofing, privilege escalation, information leak...

SeaMonkey < 2.0.1 Multiple Vulnerabilities

The installed version of SeaMonkey is earlier than 2.0.1. Such versions are potentially affected by the following security issues : - Multiple crashes can result in arbitrary code execution. MFSA 2009-65 - Multiple vulnerabilities in 'liboggplay' can lead to arbitrary code execution. MFSA 2009-66...

Firefox < 3.0.16 Multiple Vulnerabilities

The installed version of Firefox is earlier than 3.0.16. Such versions are potentially affected by the following security issues : - Multiple crashes can result in arbitrary code execution. MFSA 2009-65 - The NTLM implementation is vulnerable to reflection attacks in which NTLM credentials from o...

Mozilla Firefox < 3.0.16 / 3.5.6 Multiple Vulnerabilities

Binary data 801369.prm...

Code injection

Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute arbitrary code through...

CVE-2008-3010

Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute arbitrary code through...

CVE-2008-3010

Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute arbitrary code through...