Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka “Internet Explorer Use After Free Vulnerability.”
CVE-2013-1308 (internet_explorer)
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka “Internet Explorer Use After Free Vulnerability,” a different vulnerability than CVE-2013-1309 and CVE-2013-2551.
CVE-2013-1312 (internet_explorer)
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka “Internet Explorer Use After Free Vulnerability.”
CVE-2013-3498 (smartpass)
Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Security Management before 7.7 MR3 and 8.0 before MR2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
WatchGuard Expands Network Security Support for Microsoft Hyper-V Customers
WatchGuard’s XTMv and XCSv Solutions Provide Robust, Scalable Security for Businesses Using Microsoft Virtualization Products
Wheezy is out! Jessie is created and receives updates!
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, these means that we are outphasing the relaxed rules for uploading to squeeze-backports-sloppy (and wheezy-backports) and ask you to only upload packages that are already in jessie to this suits. Please (re)read the rules stated in the contribution document[1] to update your memory. ;) Alex - on behalf of the backports ftpmasters [1] http://backports.debian.org/Contribute/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlGHV+sACgkQ01u8mbx9AgpCbQCggo0kQ7CulVDYrr+u2193tPJI 0zYAnAxJlCrb5Px5qLcUtqXVAP92J68R =inhn -----END PGP SIGNATURE-----
CVE-2013-3057
Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote authenticated users to bypass intended privilege requirements and list the privileges of arbitrary users via unspecified vectors. (CVSS:4.0) (Last Update:2013-05-03)
CVE-2013-3056
Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote authenticated users to bypass intended privilege requirements and delete the private messages of arbitrary users via unspecified vectors. (CVSS:4.0) (Last Update:2013-05-03)
CVE-2013-3242
plugins/system/remember/remember.php in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 does not properly handle an object obtained by unserializing a cookie, which allows remote authenticated users to conduct PHP object injection attacks and cause a denial of service via unspecified vectors. (CVSS:5.5) (Last Update:2014-03-07)
CVE-2013-3059
Cross-site scripting (XSS) vulnerability in the Voting plugin in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. (CVSS:4.3) (Last Update:2013-05-03)