261181
|
- |
|
fetchmail
|
fetchmail
|
Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to (1) cause a denial of service (crash and delayed delivery of inbound mail) via a crafted NT…
|
NVD-CWE-noinfo
|
CVE-2012-3482
|
2013-04-5 12:12 |
2012-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261182
|
- |
|
munin-monitoring
|
munin
|
Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3512
|
2013-04-5 12:12 |
2012-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261183
|
- |
|
mono
|
mono
|
Cross-site scripting (XSS) vulnerability in the ProcessRequest function in mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs in Mono 2.10.8 and earlier allows remote attackers to inject arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3382
|
2013-04-5 12:11 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261184
|
- |
|
gnome
|
libgdata
|
libgdata before 0.10.2 and 0.11.x before 0.11.1 does not validate SSL certificates, which allows remote attackers to obtain user names and passwords via a man-in-the-middle (MITM) attack with a spoof…
|
CWE-20
Improper Input Validation
|
CVE-2012-1177
|
2013-04-5 12:09 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261185
|
- |
|
atheme
|
atheme
|
The myuser_delete function in libathemecore/account.c in Atheme 5.x before 5.2.7, 6.x before 6.0.10, and 7.x before 7.0.0-beta2 does not properly clean up CertFP entries when a user is deleted, which…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1576
|
2013-04-5 12:09 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261186
|
- |
|
novell
|
groupwise
|
Directory traversal vulnerability in the agent HTTP interfaces in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to read arbitrary files via directo…
|
CWE-22
Path Traversal
|
CVE-2012-0419
|
2013-04-5 12:07 |
2012-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261187
|
- |
|
tedfelix
|
acpid2
|
event.c in acpid (aka acpid2) before 2.0.11 does not have an appropriate umask setting during execution of event-handler scripts, which might allow local users to (1) perform write operations within …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4578
|
2013-04-5 12:06 |
2012-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261188
|
- |
|
igor_vlasenko
|
html-template-pro
|
Cross-site scripting (XSS) vulnerability in the HTML-Template-Pro module before 0.9507 for Perl allows remote attackers to inject arbitrary web script or HTML via template parameters, related to impr…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4616
|
2013-04-5 12:06 |
2012-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261189
|
- |
|
novell
|
groupwise
|
The iCalendar component in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before Support Pack 3 allows remote attackers to cause a denial of service (out-of-bounds read and dae…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-3827
|
2013-04-5 12:05 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261190
|
- |
|
rdesktop
|
rdesktop
|
Directory traversal vulnerability in the disk_create function in disk.c in rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP servers to read or overwrite arbitrary files via …
|
CWE-22
Path Traversal
|
CVE-2011-1595
|
2013-04-5 12:01 |
2011-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|