Vulnerabilities > Suse > Linux Enterprise Software Development KIT

DATE CVE VULNERABILITY TITLE RISK
2013-12-11 CVE-2013-5619 Integer Overflow OR Wraparound vulnerability in multiple products
Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code.
7.5
2013-12-11 CVE-2013-5614 Improper Restriction of Rendered UI Layers OR Frames vulnerability in multiple products
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site.
4.3
2013-12-11 CVE-2013-5612 Cross-Site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header.
4.3
2013-12-11 CVE-2013-5611 Security Bypass vulnerability in Mozilla Firefox
Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation.
5.8
2013-12-11 CVE-2013-5610 Out-Of-Bounds Write vulnerability in multiple products
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
network
low complexity
mozilla oracle fedoraproject canonical opensuse suse CWE-787
critical
10.0
2013-07-17 CVE-2013-3812 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication. 3.5
2013-07-17 CVE-2013-3809 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.
network
low complexity
oracle suse opensuse canonical mariadb
4.0
2013-07-17 CVE-2013-3808 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
network
low complexity
oracle mariadb opensuse suse
4.0
2013-07-17 CVE-2013-3805 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.
network
low complexity
oracle suse opensuse mariadb
4.0
2013-07-17 CVE-2013-3804 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
network
low complexity
oracle debian canonical mariadb suse opensuse
4.0