|
295861
|
- |
|
unbound
|
unbound
|
Unbound before 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone, which allows remote DNS servers to cause a denial of service (daemon crash) …
|
CWE-399
Resource Management Errors
|
CVE-2011-4528
|
2024-11-21 10:32 |
2011-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295862
|
- |
|
pidgin
|
pidgin
|
The silc_channel_message function in ops.c in the SILC protocol plugin in libpurple in Pidgin before 2.10.1 does not perform the expected UTF-8 validation on message data, which allows remote attacke…
|
CWE-20
Improper Input Validation
|
CVE-2011-4603
|
2024-11-21 10:32 |
2011-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295863
|
- |
|
pidgin
|
pidgin
|
The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not properly handle missing fields in (1) voice-chat and (2) video-chat stanzas, which allows remote attackers to cause a denial of …
|
CWE-20
Improper Input Validation
|
CVE-2011-4602
|
2024-11-21 10:32 |
2011-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295864
|
- |
|
adobe
|
acrobat
acrobat_reader
|
Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 1…
|
NVD-CWE-noinfo
|
CVE-2011-4369
|
2024-11-21 10:32 |
2011-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295865
|
- |
|
parallels
|
parallels_plesk_panel
|
Cross-site scripting (XSS) vulnerability in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Panel 10.4.4_build20111103.18 allows remote attackers to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4777
|
2024-11-21 10:32 |
2011-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295866
|
- |
|
parallels
|
parallels_plesk_panel
|
Multiple cross-site scripting (XSS) vulnerabilities in the Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 allow remote attackers to inject arbitrary web script or HTML via crafted inp…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4776
|
2024-11-21 10:32 |
2011-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295867
|
- |
|
parallels
|
parallels_plesk_small_business_panel
|
The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to…
|
NVD-CWE-Other
|
CVE-2011-4768
|
2024-11-21 10:32 |
2011-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295868
|
- |
|
parallels
|
parallels_plesk_small_business_panel
|
The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 has web pages containing e-mail addresses that are not intended for correspondence about the local application…
|
CWE-200
Information Exposure
|
CVE-2011-4767
|
2024-11-21 10:32 |
2011-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295869
|
- |
|
parallels
|
parallels_plesk_small_business_panel
|
The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allows remote attackers to obtain ASP source code via a direct request to wysiwyg/fckconfig.js. NOTE: CVE dis…
|
CWE-200
Information Exposure
|
CVE-2011-4766
|
2024-11-21 10:32 |
2011-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295870
|
- |
|
parallels
|
parallels_plesk_small_business_panel
|
The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 does not include the HTTPOnly flag in a Set-Cookie header for a cookie, which makes it easier for remote attac…
|
CWE-200
Information Exposure
|
CVE-2011-4765
|
2024-11-21 10:32 |
2011-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
