|
260961
|
- |
|
ubi
|
uplay_pc
|
The web browser plugin for Ubisoft Uplay PC before 2.0.4 allows remote attackers to execute arbitrary programs via the -orbit_exe_path command line argument.
|
CWE-78
OS Command
|
CVE-2012-4177
|
2013-04-2 12:19 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260962
|
- |
|
cisco
|
ios
catalyst_3560
catalyst_3560-e
catalyst_3560-x
catalyst_3750
catalyst_3750-e
catalyst_3750-x
catalyst_3750_metro
catalyst_3750g
|
Cisco IOS 15.0 and 15.1 on Catalyst 3560 and 3750 series switches allows remote authenticated users to cause a denial of service (device reload) by completing local web authentication quickly, aka Bu…
|
CWE-362
Race Condition
|
CVE-2012-1338
|
2013-04-2 12:16 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260963
|
- |
|
cisco
|
mds_9000_nx-os
|
The Fibre Channel over IP (FCIP) implementation in Cisco MDS NX-OS 4.2 and 5.2 on MDS 9000 series switches allows remote attackers to cause a denial of service (module reload) via a crafted FCIP head…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-1340
|
2013-04-2 12:16 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260964
|
- |
|
cisco
|
ios
|
Cisco IOS 15.1 and 15.2, when a clientless SSL VPN is configured, allows remote authenticated users to cause a denial of service (device reload) by using a web browser to refresh the SSL VPN portal p…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-1344
|
2013-04-2 12:16 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260965
|
- |
|
apple
|
safari
|
Apple Safari before 6.0 does not properly handle the autocomplete attribute of a password input element, which allows remote attackers to bypass authentication by leveraging an unattended workstation.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0680
|
2013-04-2 12:15 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260966
|
- |
|
apple
|
apple_remote_desktop
|
Apple Remote Desktop before 3.6.1 does not recognize the "Encrypt all network data" setting during connections to third-party VNC servers, which allows remote attackers to obtain cleartext VNC sessio…
|
CWE-310
Cryptographic Issues
|
CVE-2012-0681
|
2013-04-2 12:15 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260967
|
- |
|
pythonpaste
|
paste
|
Paste Script 1.7.5 and earlier does not properly set group memberships during execution with root privileges, which might allow remote attackers to bypass intended file-access restrictions by leverag…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0878
|
2013-04-2 12:15 |
2012-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260968
|
- |
|
novell
|
groupwise
|
Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before 8.0.3 HP1 and 2012 before SP1 might allow remote attackers to execute arbitr…
|
CWE-189
Numeric Errors
|
CVE-2012-0271
|
2013-04-2 12:14 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260969
|
- |
|
novell
|
groupwise
|
Per: http://www.novell.com/support/kb/doc.php?id=7010769
"Previous versions of GroupWise are likely also vulnerable but are no longer supported."
|
CWE-189
Numeric Errors
|
CVE-2012-0271
|
2013-04-2 12:14 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260970
|
- |
|
symantec
|
liveupdate_administrator
|
Symantec LiveUpdate Administrator before 2.3.1 uses weak permissions (Everyone: Full Control) for the installation directory, which allows local users to gain privileges via a Trojan horse file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0304
|
2013-04-2 12:14 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
