chromium -- multiple vulnerabilities

Google Chrome Releases reports: 176882 High CVE-2013-0902: Use-after-free in frame loader. Credit to Chamal de Silva. 176252 High CVE-2013-0903: Use-after-free in browser navigation handling. Credit to "chromium.khalil". 172926 172331 High CVE-2013-0904: Memory corruption in Web Audio. Credit to...

java-1_7_0-openjdk: update to 2.3.6 (critical)

java-170-openjdk was updated to icedtea-2.3.6 bnc803379 containing various security and bugfixes: Security fixes - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at constructi...

Scientific Linux Security Update : gdb on SL6.x i386/x86_64 (20130221)

GDB tried to auto-load certain files such as GDB scripts, Python scripts, and a thread debugging library from the current working directory when debugging programs. This could result in the execution of arbitrary code with the user's privileges when GDB was run in a directory that has untrusted...

Nmap NSE 6.01: mysql-info

Connects to a MySQL server and prints information such as the protocol and version numbers, thread ID, status, capabilities, and the password salt. If service detection is performed and the server appears to be blocking our host or is blocked because of too many connections, then this script isn'...

RHEL 6 : gdb (RHSA-2013:0522)

Updated gdb packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

SuSE 11.2 Security Update : Java 1.6.0 (SAT Patch Number 7332)

java-160-openjdk based on Icedtea6-1.12.2 was released, fixing various security issues : New in release 1.12.2 2012-02-03 : - Security fixes - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name ...

Moderate: Red Hat Security Advisory: gdb security and bug fix update

Updated gdb packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

WinRM Script Exec Remote Code Execution

This module uses valid credentials to login to the WinRM service and execute a payload. It has two available methods for payload delivery: Powershell 2 and above and VBS CmdStager. The module will check if Powershell is available, and if so uses that method. Otherwise it falls back to the VBS...

java-1_6_0-openjdk to 1.12.2 (important)

OpenJDK java-160-openjdk was updated to 1.12.2 to fix bugs and security issues bnc801972 Security fixes on top of 1.12.0 - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at...

Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2013:010)

Multiple security issues were identified and fixed in OpenJDK icedtea6 : - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time - S6776941: CVE-2013-0427: Impro...

Fedora 16 : java-1.7.0-openjdk-1.7.0.9-2.3.5.3.fc16 (2013-2188)

The update contains the following security fixes : - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction time - S6776941: CVE-2013-0427: Improve thread pool shutdow...

Fedora 16 : java-1.6.0-openjdk-1.6.0.0-69.1.11.6.fc16 (2013-1898)

Rewritten java-1.6.0-openjdk-java-access-bridge-security.patch - Updated to icedtea6 1.11.6 - Security fixes - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at construction...

OpenJDK: PresentationManager incorrectly shared (CORBA, 7141694)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: th...

OpenJDK: invalid threads subject to interrupts (Libraries, 6776941)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Libraries. NOTE: the previous information ...

RHEL 5 : libvirt (RHSA-2011:0478)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:0478 advisory. The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition,...

CentOS Update for freeradius2 CESA-2013:0134 centos5

Check for the Version of freeradius2 OpenVAS Vulnerability Test CentOS Update for freeradius2 CESA-2013:0134 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...

CentOS 5 : freeradius2 (CESA-2013:0134)

Updated freeradius2 packages that fix one security issue and multiple bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

CVE-2013-0764

CVE-2013-0764 affects Mozilla Firefox (before 18.0), Firefox ESR (before 17.0.2), Thunderbird (before 17.0.2 and ESR 17.x before 17.0.2), and SeaMonkey (before 2.15). The vulnerability is a thread-safety issue in nsSOCKSSocketInfo::ConnectToProxy that can allow remote code execution through craft...

CVE-2013-0764

The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not ensure thread safety for SSL sessions, which allows remote attackers to execute arbitrar...

Low: Red Hat Security Advisory: freeradius2 security and bug fix update

Updated freeradius2 packages that fix one security issue and multiple bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...