Matches: 1830
This advisory updates wireshark to the latest version, fixing several security issues: Wireshark 1.5.0, 1.4.3, and earlier frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a malformed file. Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark ...
This advisory updates wireshark to the latest version, fixing several bugs and one security issue: The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service via a malformed packet trace file.
Multiple security issues were identified and fixed in OpenJDK: * S7079902, CVE-2012-1711: Refine CORBA data models * S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations * S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement * S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform. * S7143872, CVE-2012-1718: Improve ...
Security issues were identified and fixed in openjdk and icedtea-web: IcedTea6 prior to 1.10.4 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking. IcedTea6 prior to 1.10.4 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availabil ...
A vulnerability has been discovered and corrected in clamav: Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service via an e-mail message that is not properly handled during certain hash calculations. Packages for 2009.0 are provided as of the Extended Maintenance Program
A vulnerability has been identified and fixed in ISC BIND: Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service via a negative response containing large RRSIG RRsets. Packages for 2009.0 are provided as of the Extended Maintenance Program. For 2010.2 ...
A vulnerability has been found and corrected in mutt: Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL SMTP server via an arbitrary certificate, a different vulnerability than CVE-2009-3766. The updated packages have been patched to correct this issue.
Multiple vulnerabilities have been found and corrected in vino: The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service via a large X position or Y position value in a framebuffer upda ...
A vulnerability has been found and corrected in gdm: GNOME Display Manager 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a dmrc or face icon file under /var/cache/gdm/. The updated packages have been patched to correct this issue.
Multiple vulnerabilities have been found and corrected in python-django: Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery attacks via forged AJAX requests that leverage a combination of browser plugins and redirects, a related issue to C ...
© 2013 SecPod Technologies