|
293641
|
- |
|
martin_nagy
|
bind-dyndb-ldap
|
The dns_to_ldap_dn_escape function in src/ldap_convert.c in bind-dyndb-ldap 1.1.0rc1 and earlier does not properly escape distinguished names (DN) for LDAP queries, which allows remote DNS servers to…
|
CWE-20
Improper Input Validation
|
CVE-2012-3429
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293642
|
- |
|
redhat
|
icedtea-web
|
The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote attackers to cause a denial of service (crash), obtain sensitive informat…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3423
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293643
|
- |
|
redhat
|
icedtea-web
|
The getFirstInTableInstance function in the IcedTea-Web plugin before 1.2.1 returns an uninitialized pointer when the instance_to_id_map hash is empty, which allows remote attackers to cause a denial…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3422
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293644
|
- |
|
gnu
|
automake
|
The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local use…
|
CWE-264
CWE-362
Permissions, Privileges, and Access Controls
Race Condition
|
CVE-2012-3386
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293645
|
- |
|
extplorer
|
extplorer
|
eXtplorer 2.1.0b6 uses world writable permissions for the /var/lib/extplorer/ftp_tmp directory, which allows local users to delete or overwrite arbitrary files.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3454
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293646
|
- |
|
debian
|
logol
|
logol 1.5.0 uses world writable permissions for the /var/lib/logol/results directory, which allows local users to delete or overwrite arbitrary files.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3453
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293647
|
- |
|
gnome
|
screensaver
|
gnome-screensaver 3.4.x before 3.4.4 and 3.5.x before 3.5.4, when multiple screens are used, only locks the screen with the active focus, which allows physically proximate attackers to bypass screen …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3452
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293648
|
- |
|
openvswitch
|
openvswitch
|
Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/pki/controllerca/incoming/ and (2) /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3449
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293649
|
- |
|
kde
|
kde_pim
|
The HTMLQuoteColorer::process function in messageviewer/htmlquotecolorer.cpp in KDE PIM 4.6 through 4.8 does not disable JavaScript, Java, and Plugins, which allows remote attackers to inject arbitra…
|
CWE-16
Configuration
|
CVE-2012-3413
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293650
|
- |
|
ganglia
|
ganglia-web
|
Unspecified vulnerability in Ganglia Web before 3.5.1 allows remote attackers to execute arbitrary PHP code via unknown attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-3448
|
2024-11-21 10:40 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
