Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0326 and CVE-2015-0328.
Monthly Archives: February 2015
CVE-2015-0326
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0325 and CVE-2015-0328.
CVE-2015-0327
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0323.
CVE-2015-0328
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0325 and CVE-2015-0326.
CVE-2015-0329
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, and CVE-2015-0330.
CVE-2015-0330
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, and CVE-2015-0329.
Sony Pictures Co-Chair Amy Pascal Quits After Email Hack
Fedora 20 Security Update: roundcubemail-1.0.5-1.fc20
Resolved Bugs
1188203 – CVE-2015-1433 roundcubemail: crooss-site scripting in style attribute handling [epel-all]
1188202 – CVE-2015-1433 roundcubemail: crooss-site scripting in style attribute handling [fedora-all]<br
Cross-site scripting vulnerability has been fixed in Roundcube 1.0.5 version.
http://roundcube.net/news/2015/01/24/security-update-1.0.5/
http://trac.roundcube.net/wiki/Changelog#RELEASE1.0.5
http://trac.roundcube.net/ticket/1490227
CVE request: http://www.openwall.com/lists/oss-security/2015/01/31/3
Fedora 20 Security Update: perl-Gtk2-1.2495-1.fc20
Resolved Bugs
1188219 – perl-Gtk2: incorrect memory management in Gtk2::Gdk::Display::list_devices
1188220 – perl-Gtk2: incorrect memory management in Gtk2::Gdk::Display::list_devices [fedora-all]
1187908 – perl-Gtk2-1.2495 is available<br
Update to 1.2495 to resolve an incorrect memory management issue in Gtk2::Gdk::Display::list_devices, which can potentially lead to arbitrary code execution.
Fedora 21 Security Update: roundcubemail-1.0.5-1.fc21
Resolved Bugs
1188203 – CVE-2015-1433 roundcubemail: crooss-site scripting in style attribute handling [epel-all]
1188202 – CVE-2015-1433 roundcubemail: crooss-site scripting in style attribute handling [fedora-all]<br
Cross-site scripting vulnerability has been fixed in Roundcube 1.0.5 version.
http://roundcube.net/news/2015/01/24/security-update-1.0.5/
http://trac.roundcube.net/wiki/Changelog#RELEASE1.0.5
http://trac.roundcube.net/ticket/1490227
CVE request: http://www.openwall.com/lists/oss-security/2015/01/31/3