Mandriva Linux Security Advisory 2012-122

Diskutiere Mandriva Linux Security Advisory 2012-122 im Security News Forum im Bereich Security Talk; Mandriva Linux Security Advisory 2012-122 - Multiple vulnerabilities has been discovered and corrected in icedtea-web. An uninitialized pointer...

  1. #1 newsbot, 03.08.2012
    newsbot

    newsbot Foren Gott

    Dabei seit:
    26.11.2007
    Beiträge:
    9.920
    Zustimmungen:
    1
    Mandriva Linux Security Advisory 2012-122 - Multiple vulnerabilities has been discovered and corrected in icedtea-web. An uninitialized pointer use flaw was found in IcedTea-Web web browser plugin. A malicious web page could use this flaw make IcedTea-Web browser plugin pass invalid pointer to a web browser. Depending on the browser used, it may cause the browser to crash or possibly execute arbitrary code. It was discovered that the IcedTea-Web web browser plugin incorrectly assumed that all strings provided by browser are NUL terminated, which is not guaranteed by the NPAPI (Netscape Plugin Application Programming Interface. When used in a browser that does not NUL terminate NPVariant NPStrings, this could lead to buffer over-read or over-write, resulting in possible information leak, crash, or code execution. The updated packages have been upgraded to the 1.1.6 version which is not affected by these issues.

    Weiterlesen...
     
Thema:

Mandriva Linux Security Advisory 2012-122

Die Seite wird geladen...

Mandriva Linux Security Advisory 2012-122 - Ähnliche Themen

  1. Linux-Distributor Mandriva wird abgewickelt

    Linux-Distributor Mandriva wird abgewickelt: Nach etlichen turbulenten Jahren wird der französische Linux-Distributor Mandriva komplett abgewickelt. Die Seiten des Unternehmens sind bereits...
  2. Mandriva Linux Security Advisory 2013-002

    Mandriva Linux Security Advisory 2013-002: Mandriva Linux Security Advisory 2013-002 - Google reported to Mozilla that TURKTRUST, a certificate authority in Mozillas root program, had...
  3. Mandriva Linux Security Advisory 2013-003

    Mandriva Linux Security Advisory 2013-003: Mandriva Linux Security Advisory 2013-003 - Google reported to Mozilla that TURKTRUST, a certificate authority in Mozillas root program, had...
  4. Mandriva Linux Security Advisory 2013-004

    Mandriva Linux Security Advisory 2013-004: Mandriva Linux Security Advisory 2013-004 - The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in...
  5. Mandriva Linux Security Advisory 2013-001

    Mandriva Linux Security Advisory 2013-001: Mandriva Linux Security Advisory 2013-001 - Versions of GnuPG less than or equal to 1.4.12 are vulnerable to memory access violations and public...