|
297591
|
- |
|
microsoft
|
visio
|
Microsoft Visio 2003 SP3 2007 SP3, and 2010 SP1 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, …
|
CWE-200
Information Exposure
|
CVE-2013-1301
|
2024-11-21 10:49 |
2013-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297592
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 6 through 8 does not properly restrict data access by VBScript, which allows remote attackers to perform cross-domain reading of JSON files via a crafted web site, aka "JS…
|
CWE-200
Information Exposure
|
CVE-2013-1297
|
2024-11-21 10:49 |
2013-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297593
|
- |
|
cisco
|
unified_presence_server
|
Memory leak in the web framework in the server in Cisco Unified Presence (CUP) allows remote attackers to cause a denial of service (memory consumption) via malformed TCP packets, aka Bug ID CSCug380…
|
CWE-399
Resource Management Errors
|
CVE-2013-1242
|
2024-11-21 10:49 |
2013-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297594
|
- |
|
symantec
|
brightmail_gateway
|
Multiple cross-site scripting (XSS) vulnerabilities in administrative-interface pages in the management console in Symantec Brightmail Gateway 9.5.x allow remote authenticated users to inject arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1611
|
2024-11-21 10:49 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297595
|
- |
|
cisco
|
unified_customer_voice_portal
|
Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to read arbitrary files via a Resource Manager (1) HTTP or (2) HTTPS request containing an external entit…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1225
|
2024-11-21 10:49 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297596
|
- |
|
cisco
|
unified_customer_voice_portal
|
Directory traversal vulnerability in the Resource Manager in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to overwrite arbitrary files via a crafted (…
|
CWE-22
Path Traversal
|
CVE-2013-1224
|
2024-11-21 10:49 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297597
|
- |
|
cisco
|
unified_customer_voice_portal
|
The log viewer in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly validate an unspecified parameter, which allows remote attackers to read arbitrary files via …
|
CWE-20
Improper Input Validation
|
CVE-2013-1223
|
2024-11-21 10:49 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297598
|
- |
|
cisco
|
unified_customer_voice_portal
|
The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to launch arbit…
|
CWE-16
Configuration
|
CVE-2013-1222
|
2024-11-21 10:49 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297599
|
- |
|
cisco
|
unified_customer_voice_portal
|
The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to execute arbi…
|
CWE-16
Configuration
|
CVE-2013-1221
|
2024-11-21 10:49 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297600
|
- |
|
cisco
|
unified_customer_voice_portal
|
The CallServer component in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to cause a denial of service (call-acceptance outage) via malformed SIP INVIT…
|
NVD-CWE-Other
|
CVE-2013-1220
|
2024-11-21 10:49 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
