Firefox could be made to crash or run programs as your login if it
opened a malicious website ...
Firefox could be made to crash or run programs as your login if it
opened a malicious website ...
Several security issues were fixed in Thunderbird ...
Several security issues were fixed in OpenJDK 6 ...
Several security issues were fixed in OpenJDK 7 ...
Several vulnerabilities have been discovered in OpenJDK, an
implementation of the Oracle Java platform, resulting in the execution
of arbitrary code, breakouts of the Java sandbox, information disclosure,
denial of service or insecure cryptography
For the oldstable distribution (wheezy), these problems have been fixed
in version 6b36-1138-1~deb7 ...
Several vulnerabilities were discovered in NSS, the cryptography
library developed by the Mozilla project
CVE-2015-4000
David Adrian et al reported that it may be feasible to attack
Diffie-Hellman-based cipher suites in certain circumstances,
compromising the confidentiality and integrity of data encrypted
with Transport Layer Se ...
Multiple security issues have been found in Iceweasel, Debian's version
of the Mozilla Firefox web browser: Multiple memory safety errors,
use-after-frees and other implementation errors may lead to the
execution of arbitrary code or denial of service This update also
addresses a vulnerability in DHE key processing commonly known as
the LogJam vul ...
Several vulnerabilities have been discovered in OpenJDK, an
implementation of the Oracle Java platform, resulting in the execution
of arbitrary code, breakouts of the Java sandbox, information disclosure,
denial of service or insecure cryptography
For the oldstable distribution (wheezy), these problems have been fixed
in version 7u79-256-1~deb7u ...
Mozilla Foundation Security Advisory 2015-70
NSS accepts export-length DHE keys with regular DHE cipher suites
Announced
July 2, 2015
Reporter
Matthew Green, authors of the paper
Impact
Moderate
Products
Firefox, Firefox ESR ...
Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions (CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-4733)
A flaw was found in the way the Libraries component of OpenJDK ve ...
A flaw was found in the way the TLS protocol composes the Diffie-Hellman (DH) key exchange A man-in-the-middle attacker could use this flaw to force the use of weak 512 bit export-grade keys during the key exchange, allowing them do decrypt all traffic (CVE-2015-4000)
Please note that this update forces the TLS/SSL client implementation in NSS to ...
LOGJAM: A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange (for both export and non-export grade cipher suites) An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation This can lead to a passive man-in-the-middle attack in ...
Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions (CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-4733)
A flaw was found in the way the Libraries component of OpenJDK ve ...
Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions (CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-4733)
A flaw was found in the way the Libraries component of OpenJDK ve ...
Overview A TLS protocol vulnerability has been recently disclosed that could result in attackers being able to intercept and modify SSL/TLS encrypted traffic to servers that support Diffie-Hellman based export cipher suites This vulnerability is known as 'LogJam' and has been assigned the following CVE number: CVE-2015-4000: cvemitre ...
Description of Problem A number of security vulnerabilities have been identified in firmware used in the Lights Out Management (LOM) component across all NetScaler-based hardware appliances: Citrix NetScaler Application Delivery Controller (ADC) Citrix NetScaler Gateway Citrix NetScaler Service Delivery Appliance Citrix CloudBridge (now NetScaler S ...