DLA-380-1 libvncserver - security update

Bulletin has no description...

DEBIAN-CVE-2015-8661

The h264sliceheaderinit function in libavcodec/h264slice.c in FFmpeg before 2.8.3 does not validate the relationship between the number of threads and the number of slices, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other...

Automatic SQL Database Injection: jSQL Injection

jSQL Injection is a lightweight application used to find database information from a distant server. Tool is free, open source and cross-platform Windows, Linux, Mac OS X, Solaris. Features: GET, POST, header, cookie methods Normal, error based, blind, time based algorithms Automatic best algorit...

RedHat Update for glibc RHSA-2015:2172-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: partial ASLR bypass through TLS base addresses leak

An information leak flaw was found in the way the Linux kernel changed certain segment registers and thread-local storage TLS during a context switch. A local, unprivileged user could use this flaw to leak the user space TLS base address of an arbitrary process...

[SECURITY] Fedora 23 Update: nspr-4.10.10-1.fc23

NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management malloc and free and shared library linking...

CVE-2007-2844

PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain system access...

Deliberately Insecure Web Application: OWASP WebGoat

WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. You can install and practice with WebGoat in either J2EE or WebGoat for .Net in ASP.NET. In each lesson, users must demonstrate their understanding of a security issue by...

The vulnerability of Firefox and Firefox ESR browsers allows a perpetrator to trigger a service failure.

The vulnerability of the AnimationThread function in Firefox and Firefox ESR browsers is caused by buffer overflow. Exploiting this vulnerability allows a malicious actor to cause service interruptions by using the incorrect sscanf argument...

UBUNTU-CVE-2015-7176

The AnimationThread function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 uses an incorrect argument to the sscanf function, which might allow remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impa...

Microsoft Windows 10 (Build 10130) - User Mode Font Driver Thread Permissions Privilege Escalation

Source: https://code.google.com/p/google-security-research/issues/detail?id=468 Windows: User Mode Font Driver Thread Permissions EoP Platform: Windows 10 Build 10130 Class: Elevation of Privilege Summary: The host process for the UMFD runs as a normal user but with a heavily restrictive process...

Microsoft Windows 10 (Build 10130) - User Mode Font Driver Thread Permissions Privilege Escalation

Microsoft Windows 10 Build 10130 - User Mode Font Driver Thread Permissions Privilege Escalation Source: https://code.google.com/p/google-security-research/issues/detail?id=468 Windows: User Mode Font Driver Thread Permissions EoP Platform: Windows 10 Build 10130 Class: Elevation of Privilege...

Microsoft Windows - NtUserGetClipboardAccessToken Token Leak (MS15-023)

Source: https://code.google.com/p/google-security-research/issues/detail?id=461 Windows: NtUserGetClipboardAccessToken Token Leak Redux Platform: Windows 8.1 Update, Windows 10 Build 10130 Class: Security Bypass/EoP Summary: The NtUserGetClipboardAccessToken win32k system call exposes the access...

FFmpeg ff_frame_thread_init Denial of Service Vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'ffframethreadinit' function in the libavcodec/pthreadframe.c file in versions of FFmpeg prior to 2.7.2, which stems from the program's failure to...

DEBIAN-CVE-2015-6826

The ffrv34decodeinitthreadcopy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via crafted 1 RV30 or 2 RV40 RealVideo dat...

DEBIAN-CVE-2015-6825

The ffframethreadinit function in libavcodec/pthreadframe.c in FFmpeg before 2.7.2 mishandles certain memory-allocation failures, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via a crafted file, as demonstrated by an A...

chromium-browser: Use-after-free in Blink

Use-after-free vulnerability in the shared-timer implementation in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging erroneous timer firing, related to ThreadTimers.cpp and Timer.cpp...

UBUNTU-CVE-2015-1299

Use-after-free vulnerability in the shared-timer implementation in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging erroneous timer firing, related to ThreadTimers.cpp and Timer.cpp...

F5 Networks BIG-IP : Linux kernel vulnerability (K17132)

arch/x86/kernel/tls.c in the Thread Local Storage TLS implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mechanism, via a crafted application that makes a...

RedHat Update for glibc RHSA-2015:1627-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...