Fedora Update for kernel FEDORA-2012-6344

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for rubygem-actionpack FEDORA-2012-3166

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Scientific Linux Security Update : firefox on SL5.x, SL6.x i386/x86_64 (20120829)

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1970,...

Fedora Update for xfig FEDORA-2012-11801

Check for the Version of xfig OpenVAS Vulnerability Test Fedora Update for xfig FEDORA-2012-11801 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

thunderbird security update

CentOS Errata and Security Advisory CESA-2012:1211 An updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring...

CVE-2012-1956

Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 do not prevent use of the Object.defineProperty method to shadow the location object aka window.location, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via vectors involving a...

Mozilla: SVG buffer overflow and use-after-free issues (MFSA 2012-63)

Use-after-free vulnerability in the nsTArraybase::Length function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service...

Critical: Red Hat Security Advisory: firefox security update

Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity rating...

Mozilla: SVG buffer overflow and use-after-free issues (MFSA 2012-63)

Integer overflow in the nsSVGFEMorphologyElement::Filter function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via a crafted SVG filter that...

Mozilla: SVG buffer overflow and use-after-free issues (MFSA 2012-63)

Use-after-free vulnerability in the nsTArraybase::Length function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service...

[SE-2012-01] information regarding recently discovered Java 7 attack

Hello All, This post is made in reference to recently discovered attack against Java SE 7 platform 12. We discovered that the vulnerabilities used by the attack code are similar to some of the weaknesses that we have found as part of our SE-2012-01 Java SE security research project 3. The recentl...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the "stand alone PHP application for the OSM Player," as used in the MediaFront module 6.x-1.x before 6.x-1.5 and 7.x-1.x before 7.x-1.5 for Drupal, allow remote attackers to inject arbitrary web script or HTML via 1 $SERVER'HTTPHOST' or 2...

SVG buffer overflow and use-after-free issues — Mozilla

Security researcher Arthur Gerkis used the Address Sanitizer tool to find two issues involving Scalable Vector Graphics SVG files. The first issue is a buffer overflow in Gecko's SVG filter code when the sum of two values is too large to be stored as a signed 32-bit integer, causing the function ...

CVE-2012-2146

Elixir 0.8.0 uses Blowfish in CFB mode without constructing a unique initialization vector IV, which makes it easier for context-dependent users to obtain sensitive information and decrypt the database...

PYSEC-2012-13

Elixir 0.8.0 uses Blowfish in CFB mode without constructing a unique initialization vector IV, which makes it easier for context-dependent users to obtain sensitive information and decrypt the database...

PYSEC-2012-13

Elixir 0.8.0 uses Blowfish in CFB mode without constructing a unique initialization vector IV, which makes it easier for context-dependent users to obtain sensitive information and decrypt the database...

UBUNTU-CVE-2012-2146

Elixir 0.8.0 uses Blowfish in CFB mode without constructing a unique initialization vector IV, which makes it easier for context-dependent users to obtain sensitive information and decrypt the database...

CVE-2012-2146

Elixir 0.8.0 uses Blowfish in CFB mode without constructing a unique initialization vector IV, which makes it easier for context-dependent users to obtain sensitive information and decrypt the database...

CVE-2012-2146

CVE-2012-2146 affects Elixir up to at least 0.8.0, where Blowfish in CFB mode is used without a unique initialization vector (IV). This weak IV construction can enable context-dependent users to obtain sensitive information and potentially decrypt the database. The connected documents confirm the...

CVE-2012-2146

Removed by vendor...