EUVD-2013-2807

Malware in sbrugna...

Improper Input Validation

Synapse is vulnerable to Improper Input Validation. The vulnerability is due to improper validation of invites received over federation, allowing a malicious server to send crafted invites that disrupt the affected user's ability to perform /sync operations...

Debian DSA-2724-1 : chromium-browser - several vulnerabilities

Several vulnerabilities have been discovered in the Chromium web browser. - CVE-2013-2853 The HTTPS implementation does not ensure that headers are terminated by \r\n\r\n carriage return, newline, carriage return, newline. - CVE-2013-2867 Chrome does not properly prevent pop-under windows. -...

CVE-2013-2868

common/extensions/synchelper.cc in Google Chrome before 28.0.1500.71 proceeds with sync operations for NPAPI extensions without checking for a certain plugin permission setting, which might allow remote attackers to trigger unwanted extension changes via unspecified vectors...

Code injection

common/extensions/synchelper.cc in Google Chrome before 28.0.1500.71 proceeds with sync operations for NPAPI extensions without checking for a certain plugin permission setting, which might allow remote attackers to trigger unwanted extension changes via unspecified vectors...

CVE-2013-2879

Removed by vendor...

CVE-2013-2868

Removed by vendor...

CVE-2013-2868

common/extensions/synchelper.cc in Google Chrome before 28.0.1500.71 proceeds with sync operations for NPAPI extensions without checking for a certain plugin permission setting, which might allow remote attackers to trigger unwanted extension changes via unspecified vectors...

CVE-2009-5035

The Nokia client in IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle multiple outgoing e-mail messages between sync operations, which might allow remote attackers to read communications intended for other recipients by examining appended messages...