[ MDVSA-2012:165 ] graphicsmagick

2012-10-15 Thread security
Mandriva Linux Security Advisory MDVSA-2012:165 http://www.mandriva.com/security/

[ MDVSA-2012:166 ] bacula

2012-10-15 Thread security
Mandriva Linux Security Advisory MDVSA-2012:166 http://www.mandriva.com/security/

[slackware-security] mozilla-firefox (SSA:2012-285-01)

2012-10-15 Thread Slackware Security Team
[slackware-security] mozilla-firefox (SSA:2012-285-01) New mozilla-firefox packages are available for Slackware 13.37, 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog:

[ MDVSA-2012:167 ] firefox

2012-10-15 Thread security
Mandriva Linux Security Advisory MDVSA-2012:167 http://www.mandriva.com/security/

[CVE-2012-4750] Ezhometech EzServer 7.0 Remote Heap Corruption Vulnerability

2012-10-15 Thread lorenzo . cantoni86
[Title]: Ezhometech EzServer 7.0 Remote Heap Corruption Vulnerability [Description]: EzServer is a software for audio and video streaming adopted by various companies worldwide. Version 7.0 is affected by a remote heap corruption vulnerability. Version 6.x is not affected by this issue, as

Re: VLC Player 2.0.3 = ReadAV Arbitrary Code Execution (Update)

2012-10-15 Thread pereira
This issue can also be exploited remotely by using the file extension .flv since the VLC player browser plugin is also vulnerable.

SilverStripe CMS 2.4.7 = Arbitrary URL Redirection

2012-10-15 Thread YGN Ethical Hacker Group
1. OVERVIEW SilverStripe 2.4.7 and lower versions are vulnerable to Open URL Redirection. 2. BACKGROUND SilverStripe CMS is easy for both developers and content authors to work with. The SilverStripe Framework keeps the code tucked away neatly so that it can be accessed easily by programmers

SilverStripe CMS 2.4.7 = Persistent Cross Site Scripting Vulnerability

2012-10-15 Thread YGN Ethical Hacker Group
1. OVERVIEW SilverStripe 2.4.7 and lower versions are vulnerable to Persistent Cross Site Scripting. 2. BACKGROUND SilverStripe CMS is easy for both developers and content authors to work with. The SilverStripe Framework keeps the code tucked away neatly so that it can be accessed easily by

Multiple vulnerabilities in Samsung Kies

2012-10-15 Thread advisory
Advisory ID: HTB23099 Product: Samsung Kies Vendor: Samsung Electronics Vulnerable Version(s): 2.3.2.12054_20 and probably prior Tested Version: 2.3.2.12054_20 Vendor Notification: June 25, 2012 Public Disclosure: October 15, 2012 Vulnerability Type: NULL Pointer Dereference [CWE-476], Improper

Critical issues affecting Steam users

2012-10-15 Thread ReVuln
We have just released a paper [1], in which we prove that the current implementation of the Steam Browser Protocol handling mechanism is an excellent attack vector to exploit local issues in a remote fashion. Steam [2] is the biggest gaming related digital delivery platform with an audience of

[slackware-security] seamonkey (SSA:2012-288-01)

2012-10-15 Thread Slackware Security Team
[slackware-security] seamonkey (SSA:2012-288-01) New seamonkey packages are available for Slackware 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: