257211
|
- |
|
kde
|
kde_pim
|
The HTMLQuoteColorer::process function in messageviewer/htmlquotecolorer.cpp in KDE PIM 4.6 through 4.8 does not disable JavaScript, Java, and Plugins, which allows remote attackers to inject arbitra…
|
CWE-16
Configuration
|
CVE-2012-3413
|
2012-08-8 13:00 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257212
|
- |
|
gnome
|
screensaver
|
gnome-screensaver 3.4.x before 3.4.4 and 3.5.x before 3.5.4, when multiple screens are used, only locks the screen with the active focus, which allows physically proximate attackers to bypass screen …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3452
|
2012-08-8 13:00 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257213
|
- |
|
debian
|
logol
|
logol 1.5.0 uses world writable permissions for the /var/lib/logol/results directory, which allows local users to delete or overwrite arbitrary files.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3453
|
2012-08-8 13:00 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257214
|
- |
|
cisco
|
ios
|
Cisco IOS 15.1 and 15.2, when the Multicast Music-on-Hold (MMoH) feature of Cisco Unified Communications Manager (CUCM) is enabled, allows remote attackers to obtain sensitive crosstalk information b…
|
CWE-200
Information Exposure
|
CVE-2012-1361
|
2012-08-8 05:17 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257215
|
- |
|
cisco
|
nx-os nexus_5000
|
The igmp_snoop_orib_fill_source_update function in the IGMP process in NX-OS 5.0 and 5.1 on Cisco Nexus 5000 series switches allows remote attackers to cause a denial of service (device reload) via I…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-1357
|
2012-08-8 05:14 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257216
|
- |
|
cisco
|
wide_area_application_services
|
Cisco Wide Area Application Services (WAAS) appliances with software 4.4, 5.0, and 5.1 include a one-way hash of a password within output text, which might allow remote attackers to obtain sensitive …
|
CWE-200
Information Exposure
|
CVE-2012-1348
|
2012-08-8 05:02 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257217
|
- |
|
cisco
|
emergency_responder
|
Cisco Emergency Responder 8.6 and 9.2 allows remote attackers to cause a denial of service (CPU consumption) by sending malformed UDP packets to the CERPT port, aka Bug ID CSCtx38369.
|
CWE-399
Resource Management Errors
|
CVE-2012-1346
|
2012-08-8 04:57 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257218
|
- |
|
cisco
|
ip_communicator
|
Cisco IP Communicator 8.6 allows man-in-the-middle attackers to modify the Certificate Trust List via unspecified vectors, aka Bug ID CSCtz01471.
|
CWE-20
Improper Input Validation
|
CVE-2012-2490
|
2012-08-8 04:47 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257219
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
Cisco AnyConnect Secure Mobility Client 3.0 through 3.0.08066 does not ensure that authentication makes use of a legitimate certificate, which allows user-assisted man-in-the-middle attackers to spoo…
|
CWE-287
Improper Authentication
|
CVE-2012-2498
|
2012-08-7 13:00 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257220
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
The IPsec implementation in Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 does not verify the certificate name in an X.509 certificate, which allows man-in-the-middle attackers to spoo…
|
CWE-310
Cryptographic Issues
|
CVE-2012-2499
|
2012-08-7 13:00 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|