DSA-3730-1 icedove - security update

Bulletin has no description...

Debian Security Advisory DSA 3730-1 (icedove - security update)

Multiple security issues have been found in Icedove, Debian OpenVAS Vulnerability Test $Id: deb3730.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3730-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2016 Greenbone Networks GmbH...

Ubuntu: Security Advisory (USN-3153-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-3730-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ALPINE-CVE-2016-9102

Memory leak in the v9fsxattrcreate function in hw/9pfs/9p.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption and QEMU process crash via a large number of Txattrcreate messages with the same fid number...

chromium-browser: same-origin bypass in pdfium

The PDF plugin in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly followed redirects, which allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page...

chromium-browser: same-origin bypass in svg

A timing attack on denormalized floating point arithmetic in SVG filters in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page...

Google Chrome SVG Same-Origin Bypass Vulnerability

Google Chrome is a web browser developed by the American company Google Google. A same-origin bypass vulnerability exists in Google Chrome SVG. An attacker can exploit this vulnerability to bypass the same-origin policy...

Google Chrome PDFium Same-Origin Bypass Vulnerability

Google Chrome is the United States Google Google company developed a Web browser. PDFium is one of the open source PDF rendering engine. A security vulnerability exists in PDFium in versions of Google Chrome prior to 55.0.2883.75. An attacker can exploit the vulnerability to bypass the same-origi...

Security update for MozillaThunderbird (important)

This update for MozillaThunderbird fixes some potential security issues and bugs. The following security flaws cannot be exploited through email because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts: - CVE-2016-9079: SVG Animation Remote Co...

CVE-2016-5224

A timing attack on denormalized floating point arithmetic in SVG filters in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page...

UBUNTU-CVE-2016-5224

A timing attack on denormalized floating point arithmetic in SVG filters in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page...

Updated thunderbird packages fix security vulnerabilities

A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash CVE-2016-5296. The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This...

[ASA-201612-3] chromium: multiple issues

Arch Linux Security Advisory ASA-201612-3 ========================================= Severity: Critical Date : 2016-12-03 CVE-ID : CVE-2016-5203 CVE-2016-5204 CVE-2016-5205 CVE-2016-5206 CVE-2016-5207 CVE-2016-5208 CVE-2016-5209 CVE-2016-5210 CVE-2016-5211 CVE-2016-5212 CVE-2016-5213 CVE-2016-5214...

CVE-2016-5224

A timing attack on denormalized floating point arithmetic in SVG filters in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page...

Mozilla Firefox < 50.0 Multiple Vulnerabilities

Binary data 9804.prm...

Mozilla Firefox ESR < 45.5 Multiple Vulnerabilities

Binary data 9805.prm...

Debian DLA-730-1 : firefox-esr security update

Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or bypass of the same-origin policy. A man-in-the-middle attack in the addon update mechanism ha...

[SECURITY] [DLA 730-1] firefox-esr security update

Package : firefox-esr Version : 45.5.1esr-1deb7u1 CVE ID : CVE-2016-5290 CVE-2016-5291 CVE-2016-5296 CVE-2016-5297 CVE-2016-9064 CVE-2016-9066 Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation erro...

USN-3141-1 thunderbird vulnerabilities

Christian Holler, Jon Coppeard, Olli Pettay, Ehsan Akhgari, Gary Kwong, Tooru Fujisawa, and Randell Jesup discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of...