[Forgot Password]
Login  Register Subscribe

23631

 
 

115083

 
 

97147

 
 

909

 
 

78764

 
 

109

 
 
Paid content will be excluded from the download.

Filter
Matches : 1027 Download | Alert*

Microsoft has released an update for Microsoft Office that provides enhanced security as a defense-in-depth measure.

The host is missing a critical security update according to Mozilla advisory, MFSA2012-22. The update is required to fix use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors related to crafted IndexedDB data. Successful exploitation could allow attackers to execute arbitrary code.

The host is missing a security update according to Mozilla advisory, MFSA2012-53. The update is required to fix an information disclosure vulnerability. A flaw is present in the applications, which fail to sanitize the blocked uri parameter. Successful exploitation could allow attackers to retrieve a user's OAuth 2.0 access tokens and OpenID credentials.

The host is missing a security update according to MFSA 2012-95. The update is required to fix arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle a javascript: URL in a bookmark. Successful exploitation allows user-assisted remote attackers to run arbitrary programs by leveraging a javascript: URL in a bookmark.

The host is missing a security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle certain vectors related to implementation of certain functions and other vectors. Successful exploitation allows attackers to cause a denial of service or possibly have other impact.

The host is missing a security update according to Adobe advisory, ASPB13-29. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

Soeren Balko reported a crash when terminating a web worker running asm.js code after passing an object between threads. This crash is potentially exploitable.

Mozilla developer David Keeler reported that the crypto.generateCRFMRequest method did not correctly validate the key type of the KeyParams argument when generating ec-dual-use requests. This could lead to a crash and a denial of service (DOS) attack.

The host is missing a security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted vectors. Successful exploitation allows attackers to cause denial of service, bypass the Same Origin Policy, gain privileges via a filesystem: URI or possibly have unspecified other impact.

The host is missing a security update according to Mozilla advisory, MFSA 2015-01. The update is required to fix to multiple unspecified vulnerabilities. The flaws are present in the applications, which fail to handle unknown vectors. Successful exploitation allows attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   102

© 2013 SecPod Technologies