|
296601
|
- |
|
roundcube
|
webmail
|
Cross-site scripting (XSS) vulnerability in Roundcube Webmail 0.8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the signature in an email.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4668
|
2024-11-21 10:43 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296602
|
- |
|
darold
|
squidclamav
|
Multiple cross-site scripting (XSS) vulnerabilities in SquidClamav 5.x before 5.8 allow remote attackers to inject arbitrary web script or HTML via the (1) url, (2) virus, (3) source, or (4) user par…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4667
|
2024-11-21 10:43 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296603
|
- |
|
websense
|
websense_email_security
|
The default configuration of the SMTP component in Websense Email Security 6.1 through 7.3 enables weak SSL ciphers in the "SurfControl plc\SuperScout Email Filter\SMTP" registry key, which makes it …
|
CWE-200
Information Exposure
|
CVE-2012-4605
|
2024-11-21 10:43 |
2012-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296604
|
- |
|
websense
|
websense_web_security
|
The TRITON management console in Websense Web Security before 7.6 Hotfix 24 allows remote attackers to bypass authentication and read arbitrary reports via a crafted uid field, in conjunction with a …
|
CWE-287
Improper Authentication
|
CVE-2012-4604
|
2024-11-21 10:43 |
2012-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296605
|
- |
|
mcafee
|
smartfilter_administration
|
McAfee SmartFilter Administration, and SmartFilter Administration Bess Edition, before 4.2.1.01 does not require authentication for access to the JBoss Remote Method Invocation (RMI) interface, which…
|
CWE-287
Improper Authentication
|
CVE-2012-4599
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296606
|
- |
|
mcafee
|
mcafee_virtual_technician
epo_mcafee_virtual_technician
|
An unspecified ActiveX control in McAfee Virtual Technician (MVT) before 6.4, and ePO-MVT, allows remote attackers to execute arbitrary code or cause a denial of service (Internet Explorer crash) via…
|
NVD-CWE-noinfo
|
CVE-2012-4598
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296607
|
- |
|
mcafee
|
email_and_web_security
email_gateway
|
Cross-site scripting (XSS) vulnerability in McAfee Email and Web Security (EWS) 5.5 through Patch 6 and 5.6 through Patch 3, and McAfee Email Gateway (MEG) 7.0.0 and 7.0.1, allows remote attackers to…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4597
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296608
|
- |
|
mcafee
|
email_gateway
|
Directory traversal vulnerability in McAfee Email Gateway (MEG) 7.0.0 and 7.0.1 allows remote authenticated users to bypass intended access restrictions and download arbitrary files via a crafted URL.
|
CWE-22
Path Traversal
|
CVE-2012-4596
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296609
|
- |
|
mcafee
|
email_and_web_security
email_gateway
|
McAfee Email and Web Security (EWS) 5.5 through Patch 6 and 5.6 through Patch 3, and McAfee Email Gateway (MEG) 7.0.0 and 7.0.1, allows remote attackers to bypass authentication and obtain an admin s…
|
CWE-287
Improper Authentication
|
CVE-2012-4595
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296610
|
- |
|
mcafee
|
epolicy_orchestrator
|
McAfee ePolicy Orchestrator (ePO) 4.6.1 and earlier allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information from arbitrary reporting panels, via a m…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4594
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
