|
263221
|
- |
|
darold
|
squidclamav
|
The squidclamav_check_preview_handler function in squidclamav.c in SquidClamav 5.x before 5.8 and 6.x before 6.7 passes an unescaped URL to a system command call, which allows remote attackers to cau…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3501
|
2012-08-27 13:00 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263222
|
- |
|
roundcube
|
webmail
|
Cross-site scripting (XSS) vulnerability in Roundcube Webmail 0.8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the signature in an email.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4668
|
2012-08-27 13:00 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263223
|
- |
|
isode
|
m-link
|
M-Link R14.6 before R14.6v14 and R15.1 before R15.1v10 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses fo…
|
CWE-20
Improper Input Validation
|
CVE-2012-4669
|
2012-08-27 13:00 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263224
|
- |
|
psyced
|
psyced
|
psyced before 20120821 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted.
|
CWE-20
Improper Input Validation
|
CVE-2012-4671
|
2012-08-27 13:00 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263225
|
- |
|
thomas_hunter
|
neoinvoice
|
SQL injection vulnerability in application/controllers/invoice.php in NeoInvoice might allow remote attackers to execute arbitrary SQL commands via vectors involving the sort_col variable in the list…
|
CWE-89
SQL Injection
|
CVE-2012-4673
|
2012-08-27 13:00 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263226
|
- |
|
google
|
tunnelblick
|
The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and earlier allows local users to delete arbitrary files by constructing a (1) symlink or (2) hard link, a different vulnerability tha…
|
CWE-59
Link Following
|
CVE-2012-4676
|
2012-08-27 13:00 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263227
|
- |
|
google
|
tunnelblick
|
Tunnelblick 3.3beta20 and earlier allows local users to gain privileges by using a crafted Info.plist file to control the gOkIfNotSecure value.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4677
|
2012-08-27 13:00 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263228
|
- |
|
comodo
|
comodo_internet_security
|
Multiple race conditions in Comodo Internet Security before 5.8.213334.2131 allow local users to bypass the Defense+ feature via unspecified vectors.
|
CWE-362
Race Condition
|
CVE-2011-5118
|
2012-08-27 13:00 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263229
|
- |
|
comodo
|
comodo_internet_security
|
Multiple race conditions in Comodo Internet Security before 5.8.211697.2124 allow local users to bypass the Defense+ feature via unspecified vectors.
|
CWE-362
Race Condition
|
CVE-2011-5119
|
2012-08-27 13:00 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263230
|
- |
|
comodo
|
comodo_internet_security
|
The Antivirus component in Comodo Internet Security before 5.4.189822.1355 allows remote attackers to cause a denial of service (application crash) via a crafted .PST file.
|
NVD-CWE-noinfo
|
CVE-2011-5120
|
2012-08-27 13:00 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
