|
261141
|
- |
|
fedoraproject
|
389_directory_server
|
389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restriction…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4450
|
2013-03-8 13:09 |
2012-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261142
|
- |
|
redhat
|
certificate_system
|
Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSi…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4543
|
2013-03-8 13:09 |
2013-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261143
|
- |
|
cisco
|
wireless_lan_controller_software
wireless_lan_controller
|
The mDNS snooping functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.4.1.54 and earlier does not properly manage buffers, which allows remote authenticated users to cause a …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1141
|
2013-03-7 14:00 |
2013-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261144
|
- |
|
dovecot
|
dovecot
|
Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Comm…
|
CWE-20
Improper Input Validation
|
CVE-2011-4318
|
2013-03-7 14:00 |
2013-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261145
|
- |
|
cisco
|
security_monitoring_analysis_and_response_system
|
The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity refe…
|
CWE-200
Information Exposure
|
CVE-2013-1140
|
2013-03-7 02:22 |
2013-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261146
|
- |
|
debian
|
apache2
|
The Debian apache2ctl script in the apache2 package squeeze before 2.2.16-6+squeeze11, wheezy before 2.2.22-13, and sid before 2.2.22-13 for the Apache HTTP Server on Debian GNU/Linux does not proper…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1048
|
2013-03-7 01:50 |
2013-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261147
|
- |
|
adobe
|
flash_player
flash_player_for_android
adobe_air
adobe_air_sdk
|
Buffer overflow in Adobe Flash Player before 10.3.183.50 and 11.x before 11.5.502.146 on Windows and Mac OS X, before 10.3.183.50 and 11.x before 11.2.202.261 on Linux, before 11.1.111.31 on Android …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0630
|
2013-03-6 14:07 |
2013-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261148
|
- |
|
rsa
|
authentication_agent_for_windows
|
EMC RSA Authentication Agent 7.1.x before 7.1.2 on Windows does not enforce the Quick PIN Unlock timeout feature, which allows physically proximate attackers to bypass the passcode requirement for a …
|
CWE-16
Configuration
|
CVE-2013-0931
|
2013-03-6 14:00 |
2013-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261149
|
- |
|
rsa
|
authentication_agent_for_windows
|
Per http://archives.neohapsis.com/archives/bugtraq/2013-03/att-0001/ESA-2013-012.txt
"Affected Products:
Product: RSA Authentication Agent for Microsoft Windows version 7.1 and 7.1.1
Platforms…
|
CWE-16
Configuration
|
CVE-2013-0931
|
2013-03-6 14:00 |
2013-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261150
|
- |
|
emc
|
networker
|
Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 before 7.6.4.1, and 8.0 before 8.0.0.1, allows remote attackers to execute arbitrary code via format string specif…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2012-2288
|
2013-03-6 13:59 |
2012-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
