|
293581
|
- |
|
apple
|
mac_os_x
|
Profile Manager in Apple Mac OS X before 10.7.5 does not properly perform authentication for the Device Management private interface, which allows attackers to enumerate managed devices via unspecifi…
|
CWE-287
Improper Authentication
|
CVE-2012-3721
|
2024-11-21 10:41 |
2012-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293582
|
- |
|
apple
|
mac_os_x
|
Mobile Accounts in Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 saves password hashes for external-account use even if external accounts are not enabled, which might allow remote attackers t…
|
CWE-255
Credentials Management
|
CVE-2012-3720
|
2024-11-21 10:41 |
2012-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293583
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Mail in Apple Mac OS X before 10.7.5 does not properly handle embedded web plugins, which allows remote attackers to execute arbitrary plugin code via an e-mail message that triggers the loading of a…
|
CWE-20
Improper Input Validation
|
CVE-2012-3719
|
2024-11-21 10:41 |
2012-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293584
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 allows local users to read passwords entered into Login Window (aka LoginWindow) or Screen Saver Unlock by installing an input method that interc…
|
CWE-200
Information Exposure
|
CVE-2012-3718
|
2024-11-21 10:41 |
2012-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293585
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
CoreText in Apple Mac OS X 10.7.x before 10.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write or read) via a crafted text glyph.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3716
|
2024-11-21 10:41 |
2012-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293586
|
- |
|
apple
|
safari
|
Apple Safari before 6.0.1 makes http requests for https URIs in certain circumstances involving a paste into the address bar, which allows user-assisted remote attackers to obtain sensitive informati…
|
CWE-310
Cryptographic Issues
|
CVE-2012-3715
|
2024-11-21 10:41 |
2012-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293587
|
- |
|
apple
|
safari
|
The Form Autofill feature in Apple Safari before 6.0.1 does not restrict the filled fields to the set of fields contained in an Autofill popover, which allows remote attackers to obtain the Me card f…
|
CWE-264
CWE-200
Permissions, Privileges, and Access Controls
Information Exposure
|
CVE-2012-3714
|
2024-11-21 10:41 |
2012-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293588
|
- |
|
apple
|
safari
|
Apple Safari before 6.0.1 does not properly handle the Quarantine attribute of HTML documents, which allows user-assisted remote attackers to read arbitrary files by leveraging the presence of a down…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3713
|
2024-11-21 10:41 |
2012-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293589
|
- |
|
freeradius
|
freeradius
|
Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service (server crash) and…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3547
|
2024-11-21 10:41 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293590
|
- |
|
freedesktop
|
libdbus
|
libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3524
|
2024-11-21 10:41 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
