Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a buffer overflow. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3143.5. (CVSS:5.0) (Last Update:2013-05-14)
CVE-2010-1449
Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows remote attackers to have an unspecified impact via a large image that triggers a buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-3143.12. (CVSS:7.5) (Last Update:2011-03-01)
CVE-2010-1158
Integer overflow in the regular expression engine in Perl 5.8.x allows context-dependent attackers to cause a denial of service (stack consumption and application crash) by matching a crafted regular expression against a long string. (CVSS:5.0) (Last Update:2013-10-23)
Id it was time for them all to go
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
</head>
<body bgcolor="#ffffff" text="#000000">
Any way w <img src="cid:1346be5e05ed21d309cf2020100416200111"> ith an electronic work
by people who agree to be bound by the terms of this agreement. There are a few things that
you can do with most Project Gutenberg-tm electronic works even without complying with the
full terms of this agreement.<br />
See paragraph 1.C below. There are a lot of things you can do with Project Gutenberg-tm electronic<br
/>
works if you follow the terms of this agreement and help preserve free future access to Project
Gutenberg-tm<br />
electronic works. See paragraph 1.E<br />
below. 1.C. The Project Gutenberg Literary Archive Foundation ("the Foundation" or PGLAF),
owns a compilation copyright in the<br />
collection of Project Gutenberg-tm electronic works. Nearly<br />
all the individual works in the collection are in
</body>
</html>
Oracle Critical Patch Update (CPU) – April 2010
CVE-2010-1226
The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G and 3.1.3 on the iPhone 3GS allows remote attackers to cause a denial of service (Safari, Mail, or Springboard crash) via a crafted innerHTML property of a DIV element, related to a “malformed character” issue. (CVSS:5.0) (Last Update:2010-04-02)
CVE-2010-1179
Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a large integer in the numcolors attribute of a recolorinfo element in a VML file, possibly a related issue to CVE-2007-0024. (CVSS:9.3) (Last Update:2010-03-30)
CVE-2010-1176
Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to an array of long strings, an array of IMG elements with crafted strings in their SRC attributes, a TBODY element with no associated TABLE element, and certain calls to the delete operator and the cloneNode, clearAttributes, and CollectGarbage methods, possibly a related issue to CVE-2009-0075. (CVSS:9.3) (Last Update:2010-03-30)
CVE-2010-1131
JavaScriptCore.dll, as used in Apple Safari 4.0.5 on Windows XP SP3, allows remote attackers to cause a denial of service (application crash) via an HTML document composed of many successive occurrences of the substring. (CVSS:4.3) (Last Update:2010-06-08)
Subscription Clarification
With all the great questions I received with the first Subscription Clarification post, I thought it would be a great idea to post a NEW and IMPROVED post. I have also opened a discussion thread on the subject in each board for customers with questions about their specific situations.
Important Links:
Update Center (US):
http://updatecenter.norton.com
Purchase A Renewal:
http://shop.symantecstore.com/store/symnahho/en_US/DisplayUpgradePage/ThemeID.106300/pgm.12788100
Upgrade your Product:
To begin our discussion, I’ve provided a definition of the Symantec subscription terms that we will be using:
Upgrade – An Upgrade is an updated or more comprehensive solution that provides features and/or technologies not included in the Norton product that you are currently using. When you purchase an Upgrade, you get a new subscription for one or two years (depending upon the Upgrade you purchase) to use the more comprehensive product. Your new subscription period will begin when you activate the Upgrade product by entering the Upgrade activation key during the product installation process. Time remaining from your previous subscription is not added to the new Upgrade subscription time.
Example: You are a Norton AntiVirus 2008 user, and you purchase Norton Internet Security 2009. When you install this Upgrade, your new subscription period will begin, and any time remaining from your Norton AntiVirus 2008 subscription will not be added to your Norton Internet Security 2009 subscription.
Version Update – For certain Norton products (such as the 2006 and later versions of Norton AntiVirus, Norton Internet Security, and Norton 360), Version Updates are provided to you for no additional fee during your current product subscription. In addition to the latest Security Updates which are delivered through Symantec’s LiveUpdateâ„¢ technology, your product subscription entitles you to download, install and use the latest version of your product through the end of your current subscription period.
Example: You are a Norton 360 v1 user, and you download the Norton 360 v2 Version Update. You will be able to use Norton 360 v2 throughout the time remaining for your Norton 360 v1 subscription.
Renewal – When you purchase a subscription Renewal, you are buying an extension to your current Norton product subscription. A Renewal adds time to your existing subscription and enables you to receive Security Updates for your Norton product. For a 2006 or later version of certain Norton products (such as Norton AntiVirus, Norton Internet Security, or Norton 360), a Renewal also makes you eligible to download, install and use Version Updates for your Norton product for the duration of your subscription period. When you purchase a subscription Renewal, the renewal time period is added to the time remaining on your existing subscription.
Example: You are a Norton Internet Security 2008 user, and you have 15 days of subscription time remaining. You purchase a Renewal to extend your subscription time for another year. Upon completing your Renewal purchase, your new subscription period will equal 380 days (which represents the sum of your remaining 15 days plus the one year Renewal period). Please note that with a current subscription to Norton Internet Security 2008, you are also eligible for the Version Update to Norton Internet Security 2009 as described above.
Multiple License Scenarios – Here are a few scenarios that might help answer any specific questions you have. Please read below before you post a question about Subscriptions:
– When you activate the software on one PC with a license to be installed on up to three PCs, the activation period for all three licenses begins when the product is installed on the first PC. All three PCs will have the same subscription expiration date, regardless of when you install and activate the product on the second and third PCs.
– If you purchased a product with a subscription for up to three PCs, and you purchase a Renewal for this subscription through one of the PCs, the Renewal will extend the subscription period for all three PCs automatically. Running LiveUpdate on the other two PCs will enable each PC to contact Symantec’s servers so that the subscription period for each PC can be updated to reflect your Renewal purchase.
– If you purchased a product with a subscription for only one PC, and you purchase a Renewal for this subscription, the Renewal will extend the subscription period for just one PC. If you have a need to install the product on more than one PC, purchasing an Upgrade to a product that offers a subscription for up to three PCs might be a better idea.