|
295181
|
- |
|
mozilla
|
firefox
thunderbird
|
Mozilla Firefox 7.0 and Thunderbird 7.0, when the Direct2D (aka D2D) API is used on Windows in conjunction with the Azure graphics back-end, allow remote attackers to bypass the Same Origin Policy, a…
|
CWE-200
Information Exposure
|
CVE-2011-3649
|
2024-11-21 10:30 |
2011-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295182
|
- |
|
mozilla
|
firefox
thunderbird
|
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2011-3648
|
2024-11-21 10:30 |
2011-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295183
|
- |
|
mozilla
|
firefox
thunderbird
|
The JSSubScriptLoader in Mozilla Firefox before 3.6.24 and Thunderbird before 3.1.6 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it ea…
|
CWE-20
Improper Input Validation
|
CVE-2011-3647
|
2024-11-21 10:30 |
2011-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295184
|
- |
|
apache
|
http_server
|
Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to ga…
|
CWE-189
Numeric Errors
|
CVE-2011-3607
|
2024-11-21 10:30 |
2011-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295185
|
- |
|
conky
|
conky
|
The getSkillname function in the eve module in Conky 1.8.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on /tmp/.cesf.
|
CWE-59
Link Following
|
CVE-2011-3616
|
2024-11-21 10:30 |
2011-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295186
|
- |
|
pidgin
|
libpurple
pidgin
|
The g_markup_escape_text function in the SILC protocol plug-in in libpurple 2.10.0 and earlier, as used in Pidgin and possibly other products, allows remote attackers to cause a denial of service (cr…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-3594
|
2024-11-21 10:30 |
2011-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295187
|
- |
|
nlnetlabs
|
ldns
|
Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns before 1.6.11 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Re…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-3581
|
2024-11-21 10:30 |
2011-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295188
|
- |
|
gnome
|
ifcfg-rh_plug-in
|
Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, whe…
|
NVD-CWE-Other
|
CVE-2011-3364
|
2024-11-21 10:30 |
2011-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295189
|
- |
|
schneider-electric
|
opc_factory_server
vijeo_citect
telemecanique_driver_pack
monitor_pro
unity_pro
pl7_pro
|
Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 and earlier, OPC Factory Server 3.34, Vijeo Citect 7.20 and earlier, Telemecanique Driver Pack 2.6 an…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-3330
|
2024-11-21 10:30 |
2011-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295190
|
- |
|
php
|
php
|
The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging pot…
|
CWE-94
Code Injection
|
CVE-2011-3379
|
2024-11-21 10:30 |
2011-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
