DELTA 369249 0 19339
SVN�� � ��_��€a�]�_β��
χc¦#]s://www.mozilla.org/security/announce/2014/mfsa2014-73.html">
Antoine Delignat-Lavaud discovered that NSS is vulnerable
to a variant of a signature forgery attack previously
published by Daniel Bleichenbacher. This is due to lenient
parsing of ASN.1 values involved in a signature and could
lead to the forging of RSA certificates � � ��/�£�Mω>
���-s XrayWrappers
with JavaScriptcvename>CVE-2014-1492
CVE-2014-1518
CVE-2014-1519
CVE-2014-1520ΐ� � � |�z���zertificate. CURLOPT_SSL_VERIFYPEER
and CURLOPT_SSL_VERIFYHOST. The first one tells libcurl to
verify the trust chain using a CA cert bundle, while the
second tells libcurl to make sure that the name fields in
the server certificatΰ� � ��2
�J
ώ}0���08.php">
XSS due to unescaped HTML Output when executing a SQL query.
Using a crafted SQL query, it was possible to produce an
XSS on the SQL query form.
� � � |�z���zev/2013-March/022337.html">
After getting reports about a possible vulnerability
of Roundcube which allows an attacker to modify its
users preferences in a way that he/she can then read
files from the server, we now published upd � � ���
G�v@½����
linux-sun-jre
7.07.11US CERT reports:
How badly can it affect you? A malicious user who *also* has the
ability to create arbitrary files in, say, /tmp (e.g., he has his own«ΰ� � � |�z���z cite="http://httpd.apache.org/security/vulnerabilities_24.html">
Insecure handling of LD_LIBRARY_PATH was found that could lead to
the current working directory to be searched for DSOs. This could
allow a local user to execute code a²� � ��/
�Mο@-���-Wordpress reports:
External code has been updated to
non-vulnerable versions.
In addition the Έ � � � |�z���zname>
ruby+nopthreads+oniguruma
ruby+oniguruma
1.8.7.357,1
rubygem-rack
1.3.6,3
v8
CVE-2011-298281
CVE-2011-2378http://www.phpmyadmin.net/home_page/security/PMASA-2011-2.php
http://www.phpmyadmin.net/home_page/security/PMASA-2011-1.php11� � � |�z���zCVE-2011-2347
CVE-2011-2348
CVE-2011-2349
CVE-2011-2350
CVE-2011-2351
CVE-2011-2358
CVE-2011-2359
tiff -- Multiple integer overflows
tiff
3.9.4
linux-tiff
linux-f10-tiff
http://secunia.com/advisories/37414/
http://lists.gnu.org/archive/html/libtool/2009-11/msg00059έΰ� � � |�z���z
xine developers report:
- Fix broken size checks in various input plugins (ref.
CVE-2008-5239).
26κ � � ��4
�H@2���2The release note of cups 1.3.9 reports:
It contains the following fixes:
- SECURITY: The HP-GLπΐ� � � |�z���ze>
CVE-2007-6067
CVE-2007-4769
CVE-2007-6601
27163
http://www.postgresql.org/about/news.905
20φΰ� � � |�z���z768
http://www.pcre.org/changelog.txt
2007-11-05
2007-11-06
24381
CVE-2007-3156
http://secun � � � |�z���zp>SecurityFocus reports about ImageMagick:
ImageMagick is prone to a remote heap-based buffer-overflow
vulnerability because the application fails to properly
boundsΐ� � �
����v����e-000ae42e9b93">
drupal -- XSS vulnerability
drupal
4.6.9ΰ� � �
P�N�RΏu�`&Nences>
15128
CAN-2005-2978
http://www.ubuntulinux.org/support/documentation/usn/usn-210-1
2005-10-18� � �
<�:�Mρ~�y
:/">
Simon Kilvington has reported a vulnerability in
FFmpeg libavcodec, which can be exploited by malicious
people to cause a DoS (Denial of Service) and
potentially � � ��a��Cρ?I�W‘@���`age6
5.35.3_20
Problem descripti’ΐ� � ��.���N~���,t a time, subsequently
started fetchnews and texpire programs will terminate. [...]
Upgrade your leafnode package to version 1.11.3cvename>CVE-2005-1911
A phpMyAdmin security announcement reports:
We received two bug reports by Maksymilian Arciemowic―� � � |�z���zlity in
the mysqlaccess script of MySQL that could allow an
unprivileged user to let root overwrite arbitrary files
via a symlink attack and could also could unveil the
contents of a temporary file which might contain sensitive
΅ � � � |�z���zdates>
gd -- integer overflow
gd
uk-gd
ja-gd
2.0.29,1
1.*,2»ΐ� � � |�z���zt-openoffice
pt_BR-openoffice
ru-openoffice
se-openoffice
sk-openoffice
sl-openoffice-SI
tr-openoffice
zh-openoffice-CN
zh-openoffice-TW