6681 matches found

NVD
added 2012/07/21 3:38 a.m. · 15 views

CVE-2012-2364

Cross-site scripting (XSS) vulnerability in lib/filelib.php in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via an assignment submission with zip compression, leading to text/html rendering during a...

3.5 CVSS · 5.1 AI score · 0.00795 EPSS
Exploits 0 · References 2
Oracle linux
added 2012/06/27 12:0 a.m. · 39 views

xorg-x11-server security and bug fix update

1.10.6-1 - xserver 1.10.6 - Use git-style patch names - compsize.h, glxcmds.h: Copy from upstream git since they fell out of the upstream tarball 1.10.4-15 - Undo regression introduced in Patch8007 732467 1.10.4-14 - xserver-1.10.4-sync-revert.patch: Revert an edge-case change in IDLETIME that...

1.9 CVSS · 0.4 AI score · 0.00605 EPSS
Exploits 5
OpenVAS
added 2012/06/22 12:0 a.m. · 30 views

Ubuntu Update for firefox USN-1463-3

Ubuntu Update for Linux kernel vulnerabilities USN-1463-3 OpenVAS Vulnerability Test $Id: gbubuntuUSN14633.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for firefox USN-1463-3 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

10 CVSS · 0.9 AI score · 0.04899 EPSS
Exploits 1 · References 2
OpenVAS
added 2012/06/22 12:0 a.m. · 40 views

Ubuntu: Security Advisory (USN-1463-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10 CVSS · 9.8 AI score · 0.04899 EPSS
Exploits 1 · References 3
exploitpack
added 2012/06/19 12:0 a.m. · 12 views

CMS Balitbang - Multiple HTML Injection Cross-Site Scripting Vulnerabilities

CMS Balitbang - Multiple HTML Injection Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/54084/info CMS Balitbang is prone to HTML-injection and cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits will...

0.1 AI score
Exploits 0
RedHat Linux
added 2012/06/18 1:27 p.m. · 2 views

kernel: drm: integer overflow in drm_mode_dirtyfb_ioctl()

Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.1.5 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted ioctl call...

7.8 CVSS · 7.2 AI score · 0.00381 EPSS
Exploits 0 · References 4
exploitpack
added 2012/06/14 12:0 a.m. · 9 views

NetArt Media Jobs Portal - SQL Injection

NetArt Media Jobs Portal - SQL Injection source: https://www.securityfocus.com/bid/54026/info NetArt Media Jobs Portal is prone to multiple HTML-injection vulnerabilities and an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues...

0.6 AI score
Exploits 0
Prion
added 2012/06/13 10:24 a.m. · 26 views

Integer overflow

Integer overflow in the i915_gem_execbuffer2 function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other...

4.9 CVSS · 7.4 AI score · 0.00458 EPSS
Exploits 1 · References 8 · Affected Software 1
Positive Technologies
added 2012/05/22 12:0 a.m. · 3 views

PT-2012-3998 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.3.5 Description: The issue is related to an integer overflow in the i915_gem_execbuffer2 function, which is part of the Direct Rendering Manager (DRM) subsystem. This can be exploited by local users through a...

4.9 CVSS · 7.3 AI score · 0.00458 EPSS
Exploits 2 · References 29
Positive Technologies
added 2012/05/22 12:0 a.m. · 5 views

PT-2012-3999 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.3.5 Description: The issue is related to an integer overflow in the i915_gem_do_execbuffer function, which is part of the Direct Rendering Manager (DRM) subsystem. This can be exploited by local users through a...

7.1 CVSS · 5.9 AI score · 0.0285 EPSS
Exploits 4 · References 37
UbuntuCve
added 2012/05/22 12:0 a.m. · 29 views

CVE-2012-2384

Integer overflow in the i915_gem_do_execbuffer function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified othe...

4.9 CVSS · 6.3 AI score · 0.00357 EPSS
Exploits 0 · References 8
OpenVAS
added 2012/05/02 12:0 a.m. · 73 views

Mozilla Products Multiple Vulnerabilities (May 2012) - Mac OS X

Mozilla Firefox/Thunderbird/Seamonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10 CVSS · 9.8 AI score · 0.10098 EPSS
Exploits 1 · References 20
Tenable Nessus
added 2012/04/27 12:0 a.m. · 42 views

Mozilla Thunderbird 10.0.x < 10.0.4 Multiple Vulnerabilities

The installed version of Thunderbird 10.0.x is potentially affected by the following security issues : - An off-by-one error exists in the 'OpenType Sanitizer' that could lead to out-bounds-reads and possible code execution. (CVE-2011-3062) - Memory safety issues exist that could lead to arbitrary...

10 CVSS · 8.8 AI score · 0.10098 EPSS
Exploits 2 · References 22
Tenable Nessus
added 2012/04/27 12:0 a.m. · 135 views

Mozilla Thunderbird < 12.0 Multiple Vulnerabilities

The installed version of Thunderbird is earlier than 12.0 and thus, is potentially affected by the following security issues : - An error exists with handling JavaScript errors that could lead to information disclosure. (CVE-2011-1187) - An off-by-one error exists in the 'OpenType Sanitizer' that...

10 CVSS · 8.8 AI score · 0.10098 EPSS
Exploits 3 · References 27
OpenVAS
added 2012/04/26 12:0 a.m. · 27 views

Fedora Update for freetype FEDORA-2012-5422

Check for the Version of freetype OpenVAS Vulnerability Test Fedora Update for freetype FEDORA-2012-5422 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

9.3 CVSS · 0.2 AI score · 0.06646 EPSS
Exploits 1 · References 2
NVD
added 2012/04/25 10:10 a.m. · 20 views

CVE-2012-0472

The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9, when certain Windows Vista and Windows 7 configurations are used, does not properly restrict...

9.3 CVSS · 7.8 AI score · 0.04132 EPSS
Exploits 0 · References 8
Cvelist
added 2012/04/25 10:0 a.m. · 25 views

CVE-2012-0472

The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9, when certain Windows Vista and Windows 7 configurations are used, does not properly restrict...

9.8 AI score · 0.04132 EPSS
Exploits 0 · References 8
CVE
added 2012/04/25 10:0 a.m. · 113 views

CVE-2012-0472

CVE-2012-0472 is present in the MiracleLinux AXSA:2012-874:05 advisory, which mentions Mozilla Firefox 4.x–11.0 (and related products like Thunderbird/SeaMonkey in affected lines) and links the issue to the cairo-dwrite font rendering code. The description in the initial document (and mirrored in...

9.3 CVSS · 9.6 AI score · 0.04132 EPSS
Exploits 0 · References 8 · Affected Software 1
Tenable Nessus
added 2012/04/25 12:0 a.m. · 40 views

Debian DSA-2457-2 : iceweasel - several vulnerabilities

Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. - CVE-2012-0467 Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hal...

10 CVSS · 8.5 AI score · 0.10098 EPSS
Exploits 1 · References 12
Tenable Nessus
added 2012/04/25 12:0 a.m. · 48 views

RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2012:0514)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0514 advisory. - OpenJDK: JavaSound incorrect bounds check Sound, 7088367 CVE-2011-3563 - GlassFish: hash table collisions CPU usage DoS oCERT-2011-003...

10 CVSS · 8.4 AI score · 0.98237 EPSS
Exploits 35 · References 28