chromium -- multiple vulnerabilities

Google Chrome Releases reports: 11 security fixes in this release, including: 249502 High CVE-2013-6646: Use-after-free in web workers. Credit to Collin Payne. 326854 High CVE-2013-6641: Use-after-free related to forms. Credit to Atte Kettunen of OUSPG. 324969 High CVE-2013-6642: Address bar...

Stable Channel Update

The Chrome Team is excited to announce the promotion of Chrome 32 to the Stable channel. 32.0.1700.76 for Windows and Chrome Frame and 32.0.1700.77 for Mac and Linux. This release contains a number of fixes and improvements, including: Tab indicators for sound, webcam and casting A different look...

Stable Channel Update for Chrome OS

The Stable channel has been updated to 32.0.1700.95 Platform version: 4920.71.0 for all Chrome OS devices except Chromebook Pixel, which is expected in the upcoming days. This build contains a number of bug fixes, security updates and feature enhancements. Systems will be receiving updates over t...

Scientific Linux Security Update : tzdata enhancement update on SL5.x, SL6.x i386/x86_64 (20131223)

This update adds the following enhancement : The Jordanian government has reversed its decision to observe daylight saving time DST all year and in the year 2014, Jordan is going to resume to the transition schedule from the years 2006 - 2011. This year, Jordan will switch back to Arabia Standard...

Song Exporter v2.1.1 RS iOS - File Include Vulnerabilities

Document Title: =============== Song Exporter v2.1.1 RS iOS - File Include Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1172 Release Date: ============= 2013-12-18 Vulnerability Laboratory ID VL-ID: ====================================...

CVE-2013-6634

The OneClickSigninHelper::ShowInfoBarIfPossible function in browser/ui/sync/oneclicksigninhelper.cc in Google Chrome before 31.0.1650.63 uses an incorrect URL during realm validation, which allows remote attackers to conduct session fixation attacks and hijack web sessions by triggering improper...

Nagios Looking Glass Addon for Nagios server/s3_download.php File Disclosure

The Nagios Looking Glass Addon for Nagios installed on the remote host is affected by a file disclosure vulnerability. By sending a specially crafted request to the Addon's 'server/s3download.php' script, a remote, unauthenticated attacker can leverage this vulnerability to obtain the contents of...

[SECURITY] Fedora 20 Update: owncloud-5.0.13-1.fc20

ownCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing r ight on the web. ownCloud is extendable via a simple but powerful API f...

389-ds-base security update

1.2.11.15-30 - Resolves: bug 1024977 CVE-2013-4485 389-ds-base: DoS due to improper handling of ger attr searches 1.2.11.15-29 - Bump version to 1.2.11.15-29 - Resolves: bug 1008013: DS91: ns-slapd stuck in DSSleep 1.2.11.15-28 - Bump version to 1.2.11.15-28 - Resolves: Bug 1016038 - Users from A...

openSUSE: Security Advisory for update (openSUSE-SU-2013:1339-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Backup Copy "Source backup file has different block size."

Challenge The issue described in this KB Article only occurs when a Backup Copy job is using the Periodic copy pruning mode. During consecutive Backup Copy intervals, the same machine or group of machines fails to be processed. The message "Initial copy did not complete, and will resume on the ne...

pip: Multiple vulnerabilities

Background pip is a tool for installing and managing Python packages. Description Multiple vulnerabilities have been discovered in pip. Please review the CVE identifiers referenced below for details. Impact A remote attacker could conduct a Man-in-the-Middle attack to cause pip to execute arbitra...

Fedora Update for owncloud FEDORA-2013-13143

Check for the Version of owncloud OpenVAS Vulnerability Test Fedora Update for owncloud FEDORA-2013-13143 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

MGASA-2013-0249 Updated chromium-browser-stable packages fix security vulnerabilities

Updated chromium-browser-stable packages fix security vulnerabilities: Karthik Bhargavan discovered a way to bypass the Same Origin Policy in frame handling CVE-2013-2881. Cloudfuzzer discovered a type confusion issue in the V8 javascript library CVE-2013-2882. Cloudfuzzer discovered a...

Updated chromium-browser-stable packages fix security vulnerabilities

Updated chromium-browser-stable packages fix security vulnerabilities: Karthik Bhargavan discovered a way to bypass the Same Origin Policy in frame handling CVE-2013-2881. Cloudfuzzer discovered a type confusion issue in the V8 javascript library CVE-2013-2882. Cloudfuzzer discovered a...

HTCSyncManagerUpdate DLL Hijacking

Exploit Title: HTCSyncManagerUpdate quserex.dll & mfc71enu.dll & mfc71loc.dll Path Subversion Arbitrary DLL Injection Code Execution Author: IranianDarkCodersTeam Discovered by A.CH12 Software Link: http://www.htc.com/ Version: 2.1.46.0 Tested on: Windows 7 //...

HTC Sync Manager - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities

HTC Sync Manager - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities source: https://www.securityfocus.com/bid/61745/info HTC Sync Manager is prone to multiple arbitrary code-execution vulnerabilities. An attacker can exploit these issues by enticing a legitimate user to use the...

HTC Sync Manager - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities

source: https://www.securityfocus.com/bid/61745/info HTC Sync Manager is prone to multiple arbitrary code-execution vulnerabilities. An attacker can exploit these issues by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a...

[SECURITY] Fedora 19 Update: owncloud-4.5.13-1.fc19

ownCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing r ight on the web. ownCloud is extendable via a simple but powerful API f...

[SECURITY] Fedora 18 Update: owncloud-4.5.13-1.fc18

ownCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing r ight on the web. ownCloud is extendable via a simple but powerful API f...