Fedora 18 : php-symfony2-Validator-2.2.5-1.fc18 (2013-14590)

Updated to 2.2.5 CVE-2013-4751 Validation metadata serialization and loss of information Release blog posts : - http://symfony.com/blog/symfony-2-2-4-released - http://symfony.com/blog/security-releases-symfony-2-0- 24-2-1-12-2-2-5-and-2-3-3-released Full change log:...

Validation metadata serialization and loss of information

More info at https://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released...

Validation metadata serialization and loss of information

More info at https://symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released...

SuSE 11.2 Security Update : java-1_6_0-openjdk (SAT Patch Number 8084)

java-160-openjdk has been updated to Icedtea6-1.12.6 version. Security fixes : - S6741606, CVE-2013-2407: Integrate Apache Santuario - S7158805, CVE-2013-2445: Better rewriting of nested subroutine calls - S7170730, CVE-2013-2451: Improve Windows network stack support. - S8000638, CVE-2013-2450:...

OpenJDK: ObjectOutputStream access checks (Serialization, 8008132)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the...

OpenJDK: ObjectStreamClass circular reference denial of service (Serialization, 8000638)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Serialization. NOTE: the previous...

OpenJDK: ObjectOutputStream access checks (Serialization, 8008132)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the...

OpenJDK: ObjectStreamClass circular reference denial of service (Serialization, 8000638)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Serialization. NOTE: the previous...

OpenJDK: ObjectOutputStream access checks (Serialization, 8008132)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the...

OpenJDK: ObjectStreamClass circular reference denial of service (Serialization, 8000638)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Serialization. NOTE: the previous...

Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2013-0751)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0751 advisory. 1.7.0.19-2.3.9.1.0.1.el64 - Update DISTRONAME in specfile 1.7.0.19-2.3.9.1.el6 - updated to updated IcedTea 2.3.9 with fix to one of security fixes -...

Important: java-1.6.0-openjdk

Issue Overview: Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. CVE-2013-2470,...

Oracle Linux 5 : java-1.7.0-openjdk (ELSA-2013-0958)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0958 advisory. 1.7.0.25-2.3.10.4.0.1.el59 - Add oracle-enterprise.patch - Fix DISTRONAME to 'Enterprise Linux' 1.7.0.25-2.3.10.4.el5 - updated to newer IcedTea7-fores...

CVE-2013-1768

The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by...

RHEL 5 / 6 : richfaces (RHSA-2013:1042)

Updated richfaces packages that fix one security issue are now available for Red Hat JBoss Enterprise Application Platform 5.2.0 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring...

CVE-2013-3171

The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly check the permissions of delegate objects, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework...

Design/Logic Flaw

The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly check the permissions of delegate objects, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework...

CVE-2013-3171

CVE-2013-3171 : The.NET Framework serialization path does not properly check permissions of delegate objects, enabling remote code execution via a crafted XBAP or a partial-trust .NET app. Affected products include .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5. The underlying root cause...

CVE-2013-3171

The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly check the permissions of delegate objects, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework...

Microsoft .NET Framework Multiple Vulnerabilities (2861561)

This host is missing an important security update according to Microsoft Bulletin MS13-052. OpenVAS Vulnerability Test $Id: secpodms13-052.nasl 5555 2017-03-13 08:59:20Z cfi $ Microsoft .NET Framework Multiple Vulnerabilities 2861561 Authors: Antu Sanadi Copyright: Copyright c 2013 SecPod,...