3037 matches found

RedHat Linux
added 2014/04/17 11:30 a.m., 2 views

OpenJDK: jarsigner does not detect unsigned bytecode injected into signed jars

jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation...

5.3 CVSS, 6.4 AI score, 0.02432 EPSS
Exploits 0, References 4
OSV
added 2014/04/15 11:55 p.m., 2 views

DEBIAN-CVE-2012-0214

The pkgAcqMetaClearSig::Failed method in apt-pkg/acquire-item.cc in Advanced Package Tool APT 0.8.11 through 0.8.15.10 and 0.8.16 before 0.8.16exp13, when updating from repositories that use InRelease files, allows man-in-the-middle attackers to install arbitrary packages by preventing a user fro...

4.3 CVSS, 6.8 AI score, 0.01335 EPSS
Exploits 0, References 1
Cvelist
added 2014/04/15 6:00 p.m., 32 views

CVE-2012-0214

The pkgAcqMetaClearSig::Failed method in apt-pkg/acquire-item.cc in Advanced Package Tool APT 0.8.11 through 0.8.15.10 and 0.8.16 before 0.8.16exp13, when updating from repositories that use InRelease files, allows man-in-the-middle attackers to install arbitrary packages by preventing a user fro...

6.3 AI score, 0.01335 EPSS
Exploits 0, References 3
0day.today
added 2014/03/08 12:00 a.m., 20 views

Safari User-Assisted Download / Run Attack

This Metasploit module abuses some Safari functionality to force the download of a zipped .app OSX application containing our payload. The app is then invoked using a custom URL scheme. At this point, the user is presented with Gatekeeper's prompt: "APPNAME" is an application downloaded from the...

6.7 AI score
Exploits 0
n0where
added 2014/03/01 1:06 a.m., 28 views

Basic Integer Overflows

Introduction Basic Integer Overflow : In this paper we are going to describe two classes of programming bugs which can sometimes allow a malicious user to modify the execution path of an affected process. Both of these classes of bug work by causing variables to contain unexpected values, and so...

1.6 AI score
Exploits 0
RedHat Linux
added 2014/02/04 7:35 p.m., 3 views

OpenJDK: jarsigner does not detect unsigned bytecode injected into signed jars

jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation...

5.3 CVSS, 6.4 AI score, 0.02432 EPSS
Exploits 0, References 4
RedHat Linux
added 2014/02/04 7:34 p.m., 1 view

OpenJDK: jarsigner does not detect unsigned bytecode injected into signed jars

jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation...

5.3 CVSS, 6.4 AI score, 0.02432 EPSS
Exploits 0, References 4
RedHat Linux
added 2014/02/04 7:34 p.m., 2 views

OpenJDK: jarsigner does not detect unsigned bytecode injected into signed jars

jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation...

5.3 CVSS, 6.4 AI score, 0.02432 EPSS
Exploits 0, References 4
CVE
added 2014/01/31 2:00 a.m., 48 views

CVE-2013-6727

IBM Lotus Sametime Connect Client (Windows) is affected by CVE-2013-6727. The vulnerability arises because the Connect client does not properly restrict unsigned Java plugins, enabling a remote attacker to disclose confidential information via unspecified vectors. Affected versions are IBM Sameti...

5 CVSS, 6.1 AI score, 0.01681 EPSS
Exploits 0, References 2, Affected Software 1
RedHat Linux
added 2014/01/27 7:54 p.m., 3 views

OpenJDK: jarsigner does not detect unsigned bytecode injected into signed jars

jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation...

5.3 CVSS, 6.4 AI score, 0.02432 EPSS
Exploits 0, References 4
Prion
added 2014/01/26 4:58 p.m., 14 views

Authentication flaw

The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows remote attackers to bypass the RPM package signing restriction via an unsigned package...

5 CVSS, 7 AI score, 0.0241 EPSS
Exploits 0, References 5, Affected Software 1
OSV
added 2014/01/26 4:58 p.m., 0 views

UBUNTU-CVE-2014-0022

The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows remote attackers to bypass the RPM package signing restriction via an unsigned package...

5 CVSS, 5.8 AI score, 0.0241 EPSS
Exploits 0, References 6
Cvelist
added 2014/01/26 11:00 a.m., 25 views

CVE-2014-0022

The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows remote attackers to bypass the RPM package signing restriction via an unsigned package...

9.3 AI score, 0.0241 EPSS
Exploits 0, References 5
Positive Technologies
added 2014/01/26 12:00 a.m., 2 views

PT-2014-1871 · Red Hat · Yum +1

Name of the Vulnerable Software and Affected Versions: yum versions 3.4.3 and earlier. Description: The issue allows remote attackers to bypass the RPM package signing restriction, potentially leading to a violation of protected information integrity. This can be exploited remotely. The...

5 CVSS, 9.2 AI score, 0.0241 EPSS
Exploits 0, References 16
RedHat Linux
added 2014/01/15 7:17 p.m., 3 views

OpenJDK: jarsigner does not detect unsigned bytecode injected into signed jars

jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation...

5.3 CVSS, 6.4 AI score, 0.02432 EPSS
Exploits 0, References 4
RedHat Linux
added 2014/01/15 12:59 a.m., 2 views

OpenJDK: jarsigner does not detect unsigned bytecode injected into signed jars

jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation...

5.3 CVSS, 6.4 AI score, 0.02432 EPSS
Exploits 0, References 4
RedHat Linux
added 2014/01/15 12:59 a.m., 2 views

OpenJDK: jarsigner does not detect unsigned bytecode injected into signed jars

jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation...

5.3 CVSS, 6.4 AI score, 0.02432 EPSS
Exploits 0, References 4
Tenable Nessus
added 2013/12/13 12:00 a.m., 35 views

Fedora 18 : nspr-4.10.2-1.fc18 (2013-23139)

Update to nspr-4.10.2 to address CVE-2013-5607 nspr: Avoid unsigned integer wrapping in PLArenaAllocate MFSA 2013-103 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and forma...

7.5 CVSS, 7.3 AI score, 0.03019 EPSS
Exploits 0, References 3
Tenable Nessus
added 2013/12/11 12:00 a.m., 24 views

Fedora 19 : nspr-4.10.2-1.fc19 (2013-23159)

Update to nspr-4.10.2 to address CVE-2013-5607 nspr: Avoid unsigned integer wrapping in PLArenaAllocate MFSA 2013-103 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and forma...

7.5 CVSS, 7.3 AI score, 0.03019 EPSS
Exploits 0, References 3
Mozilla
added 2013/09/17 12:00 a.m., 36 views

Mozilla Updater does not lock MAR file after signature verification — Mozilla

Security researcher Seb Patane reported that the Mozilla Updater does not write-lock the MAR update file when it is in use by the Updater. This leaves open the possibility of altering the contents of the MAR file after the signature on the file has been verified as valid but before it has been...

6.2 CVSS, 5.7 AI score, 0.00335 EPSS
Exploits 0, References 2, Affected Software 5