|
295171
|
- |
|
hp
|
easy_printer_care_software
|
A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program,…
|
CWE-94
Code Injection
|
CVE-2011-4786
|
2024-11-21 10:33 |
2012-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295172
|
- |
|
finaldraft
|
finaldraft
|
Stack-based buffer overflow in Final Draft 8 before 8.02 allows remote attackers to execute arbitrary code via a crafted SmartType element, a different vulnerability than CVE-2011-5002. NOTE: the pr…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-5059
|
2024-11-21 10:33 |
2012-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295173
|
- |
|
3ssoftware
|
codesys
|
The CmbWebserver.dll module of the Control service in 3S CoDeSys 3.4 SP4 Patch 2 allows remote attackers to create arbitrary directories under the web root by specifying a non-existent directory usin…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5058
|
2024-11-21 10:33 |
2012-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295174
|
- |
|
apache
|
struts
|
Apache Struts 2.3.1.2 and earlier, 2.3.19-2.3.23, provides interfaces that do not properly restrict access to collections such as the session and request collections, which might allow remote attacke…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5057
|
2024-11-21 10:33 |
2012-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295175
|
- |
|
maradns
|
maradns
|
The authoritative server in MaraDNS through 2.0.04 computes hash values for DNS data without restricting the ability to trigger hash collisions predictably, which might allow local users to cause a d…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2011-5056
|
2024-11-21 10:33 |
2012-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295176
|
- |
|
maradns
|
maradns
|
MaraDNS 1.3.07.12 and 1.4.08 computes hash values for DNS data without properly restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of serv…
|
CWE-20
Improper Input Validation
|
CVE-2011-5055
|
2024-11-21 10:33 |
2012-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295177
|
- |
|
invensys
|
wonderware_inbatch
|
Multiple buffer overflows in the (1) GUIControls, (2) BatchObjSrv, and (3) BatchSecCtrl ActiveX controls in Invensys Wonderware InBatch 9.0 and 9.0 SP1, and InBatch 8.1 SP1, 9.0 SP2, and 9.5 Server a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4870
|
2024-11-21 10:33 |
2012-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295178
|
- |
|
kde
|
kcheckpass
|
kcheckpass passes a user-supplied argument to the pam_start function, often within a setuid environment, which allows local users to invoke any configured PAM stack, and possibly trigger unintended s…
|
CWE-287
Improper Authentication
|
CVE-2011-5054
|
2024-11-21 10:33 |
2012-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295179
|
- |
|
wi-fi
|
wifi_protected_setup_protocol
|
The Wi-Fi Protected Setup (WPS) protocol, when the "external registrar" authentication method is used, does not properly inform clients about failed PIN authentication, which makes it easier for remo…
|
CWE-287
Improper Authentication
|
CVE-2011-5053
|
2024-11-21 10:33 |
2012-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295180
|
- |
|
apache
|
tomcat
|
Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows rem…
|
CWE-399
Resource Management Errors
|
CVE-2011-4858
|
2024-11-21 10:33 |
2012-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
