259831
|
- |
|
gnu
|
gnash
|
The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/gnash-configure-errors.$$, (2) /tmp/gnash-configure-warnings.$$, or (3) /tmp/g…
|
CWE-59
Link Following
|
CVE-2010-4337
|
2012-06-19 12:35 |
2011-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259832
|
- |
|
seil
|
b1 x1 x2 b1_firmware x86_firmware
|
SEIL routers with firmware SEIL/x86 1.00 through 2.35, SEIL/X1 2.30 through 3.75, SEIL/X2 2.30 through 3.75, and SEIL/B1 2.30 through 3.75, when the http-proxy and application-gateway features are en…
|
NVD-CWE-Other
|
CVE-2012-2632
|
2012-06-18 13:00 |
2012-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259833
|
- |
|
newsgator
|
feeddemon
|
Cross-site scripting (XSS) vulnerability in FeedDemon before 4.0, when the feed preview option is enabled, allows remote attackers to inject arbitrary web script or HTML via a feed.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2634
|
2012-06-18 13:00 |
2012-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259834
|
- |
|
dolphin-browser
|
dolphin_browser_hd dolphin_for_pad
|
The Dolphin Browser HD application before 7.6 and Dolphin for Pad application before 1.0.1 for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive i…
|
CWE-200
Information Exposure
|
CVE-2012-2635
|
2012-06-18 13:00 |
2012-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259835
|
- |
|
atmarkweb
|
\@web_shoppingcart_t \@web_shoppingcart
|
Cross-site scripting (XSS) vulnerability in WEBLOGIC @WEB ShoppingCart before 1.5.2.0, and @WEB ShoppingCart T 1.5.0.1 and earlier, allows remote attackers to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2012-2631
|
2012-06-15 23:55 |
2012-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259836
|
- |
|
opera
|
opera_browser
|
Opera before 11.65 does not properly restrict the reading of JSON strings, which allows remote attackers to perform cross-domain loading of JSON resources and consequently obtain sensitive informatio…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3557
|
2012-06-15 22:45 |
2012-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259837
|
- |
|
opera
|
opera_browser
|
Opera before 11.65 does not properly restrict the opening of a pop-up window in response to the first click of a double-click action, which makes it easier for user-assisted remote attackers to condu…
|
CWE-20
Improper Input Validation
|
CVE-2012-3556
|
2012-06-15 22:39 |
2012-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259838
|
- |
|
vmware
|
workstation player esx esxi
|
VMware Workstation 8.x before 8.0.4, VMware Player 4.x before 4.0.4, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow remote attackers to cause a denial of service (guest OS crash) v…
|
CWE-94
Code Injection
|
CVE-2012-3289
|
2012-06-15 13:00 |
2012-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259839
|
- |
|
opera
|
opera_browser
|
Opera before 11.65 does not ensure that the address field corresponds to the displayed web page during unusually timed changes to this field, which makes it easier for user-assisted remote attackers …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3558
|
2012-06-15 13:00 |
2012-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259840
|
- |
|
opera
|
opera_browser
|
Opera before 11.65 does not ensure that the address field corresponds to the displayed web page during blocked navigation, which makes it easier for remote attackers to conduct spoofing attacks by de…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3560
|
2012-06-15 13:00 |
2012-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|