[Forgot Password]
Login  Register Subscribe

23631

 
 

115083

 
 

97147

 
 

909

 
 

78764

 
 

109

 
 
Paid content will be excluded from the download.

Filter
Matches : 1066 Download | Alert*

Microsoft has released an update for Microsoft Office that provides enhanced security as a defense-in-depth measure.

Several vulnerabilities have been discovered in puppet, a centralized configuration management system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2012-1906 Puppet is using predictable temporary file names when downloading Mac OS X package files. This allows a local attacker to either overwrite arbitrary files on the system or to install an arbitrary pac ...

Several vulnerabilities have been identified in xpdf, a suite of tools for viewing and converting Portable Document Format (PDF) files. The Common Vulnerabilities and Exposures project identifies the following problems: Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) v ...

The host is missing a critical security update according to Mozilla advisory, MFSA2012-22. The update is required to fix use-after-free vulnerability. A flaw is present in the applications, which fail to handle vectors related to crafted IndexedDB data. Successful exploitation could allow attackers to execute arbitrary code.

The host is missing a security update according to Mozilla advisory, MFSA2012-53. The update is required to fix an information disclosure vulnerability. A flaw is present in the applications, which fail to sanitize the blocked uri parameter. Successful exploitation could allow attackers to retrieve a user's OAuth 2.0 access tokens and OpenID credentials.

The host is missing a security update according to MFSA 2012-95. The update is required to fix arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle a javascript: URL in a bookmark. Successful exploitation allows user-assisted remote attackers to run arbitrary programs by leveraging a javascript: URL in a bookmark.

The host is missing a security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle certain vectors related to implementation of certain functions and other vectors. Successful exploitation allows attackers to cause a denial of service or possibly have other impact.

The host is missing a security update according to Adobe advisory, ASPB13-29. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

Soeren Balko reported a crash when terminating a web worker running asm.js code after passing an object between threads. This crash is potentially exploitable.

Mozilla developer David Keeler reported that the crypto.generateCRFMRequest method did not correctly validate the key type of the KeyParams argument when generating ec-dual-use requests. This could lead to a crash and a denial of service (DOS) attack.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   106

© 2013 SecPod Technologies