[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97559

 
 

909

 
 

78730

 
 

109

 
 
Paid content will be excluded from the download.

Filter
Matches : 1830 Download | Alert*

This updates provides a new OpenOffice.org version 3.1.1. It holds security and bug fixes described as follow: An integer underflow might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow . A heap-based buffer overflow might allow remote attackers to execute arbitrary code via unspecified records i ...

This updates provides a new OpenOffice.org version 3.1.1. It holds security and bug fixes described as follow: An integer underflow might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow . A heap-based buffer overflow might allow remote attackers to execute arbitrary code via unspecified records i ...

A vulnerability has been found and corrected in xmlsec1: A missing check for the recommended minimum length of the truncated form of HMAC-based XML signatures was found in xmlsec1 prior to 1.2.12. An attacker could use this flaw to create a specially-crafted XML file that forges an XML signature, allowing the attacker to bypass authentication that is based on the XML Signature specification . This ...

Multiple Java OpenJDK security vulnerabilities has been identified and fixed: The design of the W3C XML Signature Syntax and Processing recommendation specifies an HMAC truncation length but does not require a minimum for its length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits . The Java Web Start f ...

Multiple vulnerabilities has been found and corrected in mono: IOActive Inc. found a buffer overflow in Mono.Math.BigInteger class in Mono 1.2.5.1 and previous versions, which allows arbitrary code execution by context-dependent attackers . Multiple cross-site scripting vulnerabilities in the ASP.net class libraries in Mono 2.0 and earlier allow remote attackers to inject arbitrary web script or ...

Multiple security vulnerabilities has been identified and fixed in xmlsec1: A missing check for the recommended minimum length of the truncated form of HMAC-based XML signatures was found in xmlsec1 prior to 1.2.12. An attacker could use this flaw to create a specially-crafted XML file that forges an XML signature, allowing the attacker to bypass authentication that is based on the XML Signature s ...

Multiple vulnerabilities has been found and corrected in mono: Multiple cross-site scripting vulnerabilities in the ASP.net class libraries in Mono 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted attributes related to HtmlControl.cs , HtmlForm.cs , HtmlInputButton , HtmlInputRadioButton , and HtmlSelect . The XML HMAC signature system did not correc ...

A vulnerability has been found and corrected in mono: The XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation . This update fixes this vulnerability.

A vulnerability has been found and corrected in ntp: Requesting peer information from a malicious remote time server may lead to an unexpected application termination or arbitrary code execution . The updated packages have been patched to correct this issue.

A number of security vulnerabilities have been discovered in previous versions, and corrected in the latest Mozilla Thunderbird program, version 2.0.0.21 . This update provides the latest Thunderbird to correct these issues. Additionaly, Mozilla Thunderbird released with Mandriva Linux 2009.0, when used with Enigmail extension on x86_64 architechture, would freeze whenever any Enigmail function wa ...


Pages:      Start    2    3    4    5    6    7    8    9    10    11    12    13    14    15    ..   182

© 2013 SecPod Technologies