Download
| Alert*
oval:org.secpod.oval:def:700044
It was discovered that libpng did not properly handle certain malformed PNG images. If a user or automated system were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was ... oval:org.secpod.oval:def:700121 USN-957-1 fixed vulnerabilities in Firefox and Xulrunner. Daniel Holbert discovered that the fix for CVE-2010-1214 introduced a regression which did not properly initialize a plugin pointer. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser o ... oval:org.secpod.oval:def:700045 USN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This update provides the corresponding updates for Ubuntu 9.04 and 9.10, along with additional updates affecting Firefox 3.6.6. Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious si ... oval:org.secpod.oval:def:100519 XULRunner provides the XUL Runtime environment for Gecko applications. oval:org.secpod.oval:def:100717 The gnome-python-extra package contains the source packages for additional Python bindings for GNOME. It should be used together with gnome-python. oval:org.secpod.oval:def:4729 The host is missing a critical security update according to Apple advisory, APPLE-SA-2010-11-10-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly sanitize user supplied input. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:17340 The host is missing a security update according to APPLE-SA-2011-03-09-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application which fails to properly handle memory. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:100724 Mozilla Thunderbird is a standalone mail and newsgroup client. oval:org.secpod.oval:def:200176 SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileg ... oval:org.secpod.oval:def:200099 The libpng packages contain a library of functions for creating and manipulating PNG image format files. A memory corruption flaw was found in the way applications, using the libpng library and its progressive reading method, decoded certain PNG images. An attacker could create a specially-crafted ... oval:org.secpod.oval:def:100649 MinGW Windows Libpng library. oval:org.secpod.oval:def:100489 Galeon is a web browser built around Gecko and Necko . It"s a GNOME web browser, designed to take advantage of as many GNOME technologies as makes sense. Galeon was written to do just one thing - browse the web. oval:org.secpod.oval:def:500478 SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileg ... oval:org.secpod.oval:def:100686 gnome-web-photo contains a thumbnailer that will be used by GNOME applications, including the file manager, to generate screenshots of web pages. oval:org.secpod.oval:def:100688 SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite. oval:org.secpod.oval:def:100287 The gnome-python-extra package contains the source packages for additional Python bindings for GNOME. It should be used together with gnome-python. oval:org.secpod.oval:def:100364 The libpng10 package contains an old version of libpng, a library of functions for creating and manipulating PNG image format files. This package is needed if you want to run binaries that were linked dynamically with libpng 1.0.x. oval:org.secpod.oval:def:400024 Various security issues have been found in the Mozilla suite, and the various browsers have been updated to fix these issues. Mozilla Firefox was brought to the 3.5.11 security release. Mozilla Firefox on openSUSE 11.3 was brought to the 3.6.8 security release. Mozilla Thunderbird was brought to the ... oval:org.secpod.oval:def:201700 Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with th ... oval:org.secpod.oval:def:101135 This module allows you to use the Mozilla embedding widget from Perl. oval:org.secpod.oval:def:202832 Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with th ... oval:org.secpod.oval:def:100486 This module allows you to use the Mozilla embedding widget from Perl. oval:org.secpod.oval:def:201706 The libpng packages contain a library of functions for creating and manipulating PNG image format files. A memory corruption flaw was found in the way applications, using the libpng library and its progressive reading method, decoded certain PNG images. An attacker could create a specially-crafted ... oval:org.secpod.oval:def:600073 Several vulnerabilities have been discovered in libpng, a library for reading and writing PNG files. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-1205 It was discovered a buffer overflow in libpng which allows remote attackers to execute arbitrary code ... oval:org.secpod.oval:def:700128 Several flaws were discovered in the browser engine of Thunderbird. If a user were tricked into viewing malicious content, a remote attacker could use this to crash Thunderbird or possibly run arbitrary code as the user invoking the program. An integer overflow was discovered in how Thunderbird pro ... oval:org.secpod.oval:def:2677 The host is missing a security update according to APPLE-SA-2011-03-09-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application which fails to properly handle memory. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:36414 The host is installed with VMware Workstation 7.1.x before 7.1.2 or VMware Player 3.1.x before 3.1.2 and is prone to a buffer overflow vulnerability. A flaw is present in the libpng, which fails to handle unknown vectors. Successful exploitation allows remote attackers to bypass security feature. oval:org.secpod.oval:def:100826 The libpng package contains a library of functions for creating and manipulating PNG image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you ... oval:org.secpod.oval:def:201693 The libpng packages contain a library of functions for creating and manipulating PNG image format files. A memory corruption flaw was found in the way applications, using the libpng library and its progressive reading method, decoded certain PNG images. An attacker could create a specially-crafted ... oval:org.secpod.oval:def:500287 Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with th ... oval:org.secpod.oval:def:201892 Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with th ... oval:org.secpod.oval:def:100835 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. oval:org.secpod.oval:def:500367 Mozilla Thunderbird is a standalone mail and newsgroup client. A memory corruption flaw was found in the way Thunderbird decoded certain PNG images. An attacker could create a mail message containing a specially-crafted PNG image that, when opened, could cause Thunderbird to crash or, potentially, e ... oval:org.secpod.oval:def:200004 SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileg ... oval:org.secpod.oval:def:100876 The libpng10 package contains an old version of libpng, a library of functions for creating and manipulating PNG image format files. This package is needed if you want to run binaries that were linked dynamically with libpng 1.0.x. oval:org.secpod.oval:def:202824 Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with th ... oval:org.secpod.oval:def:700038 USN-930-4 fixed vulnerabilities in Firefox and Xulrunner on Ubuntu 9.04 and 9.10. This update provides updated packages for use with Firefox 3.6 and Xulrunner 1.9.2. Original advisory details: If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a ... oval:org.secpod.oval:def:202822 The libpng packages contain a library of functions for creating and manipulating PNG image format files. A memory corruption flaw was found in the way applications, using the libpng library and its progressive reading method, decoded certain PNG images. An attacker could create a specially-crafted ... oval:org.mitre.oval:def:11512 Several vulnerabilities have been discovered in libpng, a library for reading and writing PNG files. The Common Vulnerabilities and Exposures project identifies the following problems: It was discovered a buffer overflow in libpng which allows remote attackers to execute arbitrary code via a PNG ima ... oval:org.secpod.oval:def:1000303 The remote host is missing a patch 139382-03 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:100750 The libpng package contains a library of functions for creating and manipulating PNG image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you ... oval:org.secpod.oval:def:202821 The libpng packages contain a library of functions for creating and manipulating PNG image format files. A memory corruption flaw was found in the way applications, using the libpng library and its progressive reading method, decoded certain PNG images. An attacker could create a specially-crafted ... oval:org.secpod.oval:def:100075 XULRunner provides the XUL Runtime environment for Gecko applications. oval:org.secpod.oval:def:202825 The libpng packages contain a library of functions for creating and manipulating PNG image format files. A memory corruption flaw was found in the way applications, using the libpng library and its progressive reading method, decoded certain PNG images. An attacker could create a specially-crafted ... oval:org.secpod.oval:def:101073 SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite. oval:org.secpod.oval:def:700186 Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. An integer overflow was discovered in how Firefox processed pl ... oval:org.secpod.oval:def:2885 The host is installed with Apple iTunes before 10.2 or Apple Safari before 5.0.4 or Apple Mac OS X 10.5.8 or 10.6 through 10.6.4 and is prone to buffer overflow vulnerability. A flaw is present in the application which fails to handle a PNG image that triggers an additional data row. Successful expl ... oval:org.secpod.oval:def:100816 This is mozvoikko, an extension for Mozilla programs for using the Finnish spell-checker Voikko. oval:org.secpod.oval:def:100347 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. oval:org.secpod.oval:def:100023 Mozilla Sunbird is a cross-platform calendar application, built upon Mozilla Toolkit. It brings Mozilla-style ease-of-use to your calendar, without tying you to a particular storage solution. oval:org.secpod.oval:def:100661 Mozilla Sunbird is a cross-platform calendar application, built upon Mozilla Toolkit. It brings Mozilla-style ease-of-use to your calendar, without tying you to a particular storage solution. oval:org.secpod.oval:def:100385 Mozilla Thunderbird is a standalone mail and newsgroup client. oval:org.secpod.oval:def:101031 This is mozvoikko, an extension for Mozilla programs for using the Finnish spell-checker Voikko. oval:org.secpod.oval:def:202816 The libpng packages contain a library of functions for creating and manipulating PNG image format files. A memory corruption flaw was found in the way applications, using the libpng library and its progressive reading method, decoded certain PNG images. An attacker could create a specially-crafted ... oval:org.secpod.oval:def:100263 Galeon is a web browser built around Gecko and Necko . It"s a GNOME web browser, designed to take advantage of as many GNOME technologies as makes sense. Galeon was written to do just one thing - browse the web. oval:org.secpod.oval:def:600009 Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-0182 Wladimir Palant discovered that security checks in XML processing were insufficiently enforc ... oval:org.secpod.oval:def:2936 The host is missing an APPLE-SA-2011-03-02-1 iTunes 10.2 update according to Apple Product Security. The update is required to fix denial of service vulnerability in Apple iTunes. The flaws are present in WebKit, ImageIO and libxml which fails to handle vectors related to iTunes Store browsing, craf ... oval:org.secpod.oval:def:300325 Multiple vulnerabilities has been found and corrected in libpng: Memory leak in the png_handle_tEXt function in pngrutil.c in libpng before 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent attackers to cause a denial of service via a crafted PNG file oval:org.secpod.oval:def:3748 The host is missing an important security update according to Apple advisory, APPLE-SA-2010-08-24-1. The update is required to fix multiple vulnerabilities. A flaw is present in the application, which fails to properly sanitize user supplied input. Successful exploitation could allow attackers to cr ... oval:org.secpod.oval:def:2935 The host is missing an APPLE-SA-2011-03-02-1 iTunes 10.2 update according to Apple Product Security. The update is required to fix denial of service vulnerability in Apple iTunes. The flaws are present in WebKit, ImageIO and libxml which fails to handle vectors related to iTunes Store browsing, craf ... oval:org.secpod.oval:def:100379 gnome-web-photo contains a thumbnailer that will be used by GNOME applications, including the file manager, to generate screenshots of web pages. oval:org.secpod.oval:def:100895 MinGW Windows Libpng library. oval:org.secpod.oval:def:500425 The libpng packages contain a library of functions for creating and manipulating PNG image format files. A memory corruption flaw was found in the way applications, using the libpng library and its progressive reading method, decoded certain PNG images. An attacker could create a specially-crafted ... oval:org.secpod.oval:def:200027 The libpng packages contain a library of functions for creating and manipulating PNG image format files. A memory corruption flaw was found in the way applications, using the libpng library and its progressive reading method, decoded certain PNG images. An attacker could create a specially-crafted ... oval:org.secpod.oval:def:201711 Mozilla Thunderbird is a standalone mail and newsgroup client. A memory corruption flaw was found in the way Thunderbird decoded certain PNG images. An attacker could create a mail message containing a specially-crafted PNG image that, when opened, could cause Thunderbird to crash or, potentially, e ... oval:org.secpod.oval:def:1000206 The remote host is missing a patch 139383-03 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:201714 Mozilla Thunderbird is a standalone mail and newsgroup client. A memory corruption flaw was found in the way Thunderbird decoded certain PNG images. An attacker could create a mail message containing a specially-crafted PNG image that, when opened, could cause Thunderbird to crash or, potentially, e ... oval:org.mitre.oval:def:11531 Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems: Wladimir Palant discovered that security checks in XML processing were insufficiently enforced. Chris Evan ... oval:org.mitre.oval:def:11851 The host is installed with Apple iTunes before 10.2, Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Mozilla SeaMonkey 2.x before 2.0.6 or Mozilla Thunderbird 3.1.x before 3.1.1 and 3.0.x before 3.0.6 or Apple Safari before 5.0.4 and is prone to buffer overflow vulnerability. The flaw is ... |