|
291871
|
- |
|
layton_technology
|
helpbox
|
editrequestuser.asp in Layton Helpbox 4.4.0 allows remote authenticated users to change arbitrary support-ticket data via a modified sys_request_id parameter.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4975
|
2024-11-21 10:43 |
2012-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291872
|
- |
|
laytontechnology
|
helpbox
|
Layton Helpbox 4.4.0 allows remote authenticated users to change the login context and gain privileges via a modified (1) loggedinenduser, (2) loggedinendusername, (3) loggedinuserusergroup, (4) logg…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4974
|
2024-11-21 10:43 |
2012-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291873
|
- |
|
layton_technology
|
helpbox
|
Multiple cross-site scripting (XSS) vulnerabilities in Layton Helpbox 4.4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) sys_solution_id, (2) sys_requesttype_id, (3) sys_…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4972
|
2024-11-21 10:43 |
2012-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291874
|
- |
|
microsoft
|
exchange_server
|
Microsoft Exchange Server 2007 SP3 and 2010 SP1 and SP2 allows remote authenticated users to cause a denial of service (Information Store service hang) by subscribing to a crafted RSS feed, aka "RSS …
|
CWE-94
Code Injection
|
CVE-2012-4791
|
2024-11-21 10:43 |
2012-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291875
|
- |
|
microsoft
|
internet_explorer
|
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not proper…
|
CWE-399
Resource Management Errors
|
CVE-2012-4787
|
2024-11-21 10:43 |
2012-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291876
|
- |
|
microsoft
|
windows_xp
windows_server_2008
windows_7
windows_server_2003
windows_vista
|
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 201…
|
CWE-94
Code Injection
|
CVE-2012-4786
|
2024-11-21 10:43 |
2012-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291877
|
- |
|
microsoft
|
internet_explorer
|
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "CMarkup Us…
|
CWE-399
Resource Management Errors
|
CVE-2012-4782
|
2024-11-21 10:43 |
2012-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291878
|
- |
|
layton_technology
|
helpbox
|
Multiple SQL injection vulnerabilities in Layton Helpbox 4.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) reqclass parameter to editrequestenduser.asp; the (2) sys_request_i…
|
CWE-89
SQL Injection
|
CVE-2012-4971
|
2024-11-21 10:43 |
2012-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291879
|
- |
|
microsoft
|
internet_explorer
|
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Inject…
|
CWE-94
Code Injection
|
CVE-2012-4781
|
2024-11-21 10:43 |
2012-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291880
|
- |
|
microsoft
|
windows_server_2008
windows_xp
windows_7
windows_server_2003
windows_vista
|
Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow remote attackers to execute arbitrary code via …
|
CWE-94
Code Injection
|
CVE-2012-4774
|
2024-11-21 10:43 |
2012-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
