|
294171
|
- |
|
mcafee
|
enterprise_mobility_manager
|
The Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 does not set the secure flag for the ASP.NET session cookie in an https session, which makes it easier for remote attackers to captu…
|
NVD-CWE-Other
|
CVE-2012-4592
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294172
|
- |
|
mcafee
|
enterprise_mobility_manager
|
About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 discloses the name of the user account for an IIS worker process, which allows remote attackers to obtain potentially …
|
CWE-200
Information Exposure
|
CVE-2012-4591
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294173
|
- |
|
mcafee
|
enterprise_mobility_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 might allow remote attackers to inject arbitrary web script or …
|
CWE-79
Cross-site Scripting
|
CVE-2012-4590
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294174
|
- |
|
mcafee
|
enterprise_mobility_manager
|
Login.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to…
|
NVD-CWE-Other
|
CVE-2012-4589
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294175
|
- |
|
mcafee
|
enterprise_mobility_manager
enterprise_mobility_manager_agent
|
McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1 record all invalid usernames presented in failed login attempts, and place them on a list of accounts that an administ…
|
CWE-255
Credentials Management
|
CVE-2012-4588
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294176
|
- |
|
mcafee
|
enterprise_mobility_manager
enterprise_mobility_manager_agent
|
McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1, when one-time provisioning (OTP) mode is enabled, have an improper dependency on DNS SRV records, which makes it easi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4587
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294177
|
- |
|
mcafee
|
email_and_web_security
email_gateway
|
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, accesses files with the privileges of the root user, which allows…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4586
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294178
|
- |
|
mcafee
|
email_and_web_security
email_gateway
|
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, allows remote authenticated users to read arbitrary files via a c…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4585
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294179
|
- |
|
mcafee
|
email_and_web_security
email_gateway
|
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, does not properly encrypt system-backup data, which makes it easi…
|
CWE-310
Cryptographic Issues
|
CVE-2012-4584
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294180
|
- |
|
mcafee
|
email_and_web_security
email_gateway
|
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, allows remote authenticated users to obtain the session tokens of…
|
CWE-200
Information Exposure
|
CVE-2012-4583
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
