Apple Security Advisory 2012-11-29-1 - Apple TV 5.1.1 is now available and addresses information disclosure and code execution vulnerabilities.
caa20eb0d66851c61553ae776f1f9fa646d8aa08b83a087b6b2dc7fe2af9bede
Safend Data Protector suffers from multiple privilege escalation vulnerabilities.
7fa4ab53d92dfd88c732eb79417967adbe52865b5df1b66c86b093a3abbc15b9
VUPEN Vulnerability Research Team discovered a critical vulnerability in Mozilla Firefox. The vulnerability is caused by a use-after-free error within the "imgRequestProxy::OnStopRequest()" function, which could allow remote attackers to execute arbitrary code via a specially crafted web page.
6ff9c9465d128e7723f00c6eb8b2c513970c66279404d1491f6201d4b7ded1cd
Ubuntu Security Notice 1430-5 - USN-1430-3 fixed vulnerabilities in Thunderbird. This update provides an updated mozilla-devscripts which produces packaged addons compatible with the latest thunderbird packaging.
2e3cd2c8aeffd832578a924739c75e1773dc2e46546fb23e4d3f9e27f601fccf
Ubuntu Security Notice 1643-1 - It was discovered that the decode_xs function in the Encode module is vulnerable to a heap-based buffer overflow via a crafted Unicode string. An attacker could use this overflow to cause a denial of service. It was discovered that the 'new' constructor in the Digest module is vulnerable to an eval injection. An attacker could use this to execute arbitrary code. Various other issues were also addressed.
6c274eedfdb3da7dbb7671102ad6fe7a37edb74ba2b040227e902cbb757d04a1
Debian Linux Security Advisory 2579-1 - A vulnerability has been found in the Apache HTTPD Server.
75cc0f2d9d8dabf15819407aef98d97059d1c26d0754a1dead1d43130c26538d
Ubuntu Security Notice 1652-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.
e2ab2490ada83b444a66c52183f126e16e8175d3cffdad175af3f948c4a2e280
Ubuntu Security Notice 1651-1 - Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.
050be699e44be98ae2ca0aff99370d56139223bf52fe876c8f83644c51ece493
Ubuntu Security Notice 1650-1 - Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.
ea0d826ac97c808d41bf039a736c91d3f83693af9097f54d42f504187da73d53
Ubuntu Security Notice 1649-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.
50d96a46ae540807a3cbac6d9da2f0a742defbec6c2aeb63630420490e1280e4
Ubuntu Security Notice 1648-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.
4eb660e26fd88a32afdbb6f4745741f275f50287259f53e6fcf824c0f62ee4ce
Ubuntu Security Notice 1647-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.
bc7bae042dda4167991eaaa3aba4772592c4a371088803032bf38ec4fc7d8f3b
Ubuntu Security Notice 1646-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.
e417f1d428863d8eb7268db89617f507396def202c65c7aa89768f7915d5e0be
Ubuntu Security Notice 1645-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.
4d3dae198ecc5f0fab30ae0aa3248050f97447564d01f2bdf33aa7274130728c
Ubuntu Security Notice 1644-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.
5a24998d89af0c468b0e5534c8e4d28d186288d82114644816fad0f143a37bfb
Drupal Zero Point third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.
6347995ee546668a1cb10c9e6dcb8474565196af6e987f78ce2ca60daf7cdbf0
Drupal Webmail Plus third party module version 6.x suffers from a remote SQL injection vulnerability.
6fa3935c9e1b5fd40c0dc10a06f1425b572bff4c3acc8054a6de33b5695f47a8
Symantec Messaging Gateway version 9.5.3-3 suffers from backdoor account and privilege escalation vulnerabilities.
0037358302ea3ef9e579ea39b29f6aeedaab8ea3fd730436e1fe43363d09f8dc
Ubuntu Security Notice 1642-1 - Dan Rosenberg discovered a heap-based buffer overflow in Lynx. If a user were tricked into opening a specially crafted page, a remote attacker could cause a denial of service via application crash, or possibly execute arbitrary code as the user invoking the program. This issue only affected Ubuntu 10.04 LTS. It was discovered that Lynx did not properly verify that an HTTPS certificate was signed by a trusted certificate authority. This could allow an attacker to perform a "man in the middle" (MITM) attack which would make the user believe their connection is secure, but is actually being monitored. This update changes the behavior of Lynx such that self-signed certificates no longer validate. Users requiring the previous behavior can use the 'FORCE_SSL_PROMPT' option in lynx.cfg. Various other issues were also addressed.
b98e04aa75eae4a1918f485d23f130b118754361f7105d77894ebac142879154
Red Hat Security Advisory 2012-1512-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. A heap-based buffer underflow flaw was found in the way libxml2 decoded certain entities. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. All users of libxml2 are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted for this update to take effect.
6f7db09dd21f23e1bf77fc46e0f5d364af0871fe611443be9a977f18023d9919
Red Hat Security Advisory 2012-1511-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, the Extended Update Support for Red Hat Enterprise Linux 6.1 will end on 31st May, 2013.
9605d9da818d0a15e363b5aac249a85541b3999fc84cf8c6acf32264f66b46bd
Drupal Multi-Language Link and Redirect third party module versions 6.x and 7.x suffer from an access bypass vulnerability.
16b169ea8d16998b870fa5e82e8bfe29ef5496ec76acb5215dc2913976eedab0
Drupal Mixpanel version 6.x suffers from a cross site scripting vulnerability.
3ed7e90f6032c72423060e1577756b8cf039348e1b7794bca96618b8465bc93b
Drupal Services versions 6.x and 7.x suffer from an information disclosure vulnerability.
d50c1ef2b299adfc26d879c8c4b9c23673085155d13d23f089b41cb0bf80a188
Drupal Email Field third party module version 6.x suffers from access bypass and cross site scripting vulnerabilities.
e3b63db0422c668d8a678dff5a87346abd5b6c935810c271e4060b7a8fb5ebb7