|
296421
|
- |
|
php
|
php
|
Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not prop…
|
CWE-399
Resource Management Errors
|
CVE-2012-0789
|
2024-11-21 10:35 |
2012-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296422
|
- |
|
php
|
php
|
The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted applica…
|
CWE-20
Improper Input Validation
|
CVE-2012-0788
|
2024-11-21 10:35 |
2012-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296423
|
- |
|
mibew
|
mibew_messenger
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Mibew Messenger 1.6.4 and earlier allow remote attackers to hijack the authentication of operators for requests that insert cross-site sc…
|
CWE-352
Origin Validation Error
|
CVE-2012-0829
|
2024-11-21 10:35 |
2012-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296424
|
- |
|
phpldapadmin_project
|
phpldapadmin
|
Cross-site scripting (XSS) vulnerability in lib/QueryRender.php in phpLDAPadmin 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the base parameter in a query_engi…
|
CWE-79
Cross-site Scripting
|
CVE-2012-0834
|
2024-11-21 10:35 |
2012-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296425
|
- |
|
mozilla
|
firefox
thunderbird
seamonkey
|
Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, and SeaMonkey 2.7 allows remote attackers to cause a denial of service (application crash) or possi…
|
CWE-399
Resource Management Errors
|
CVE-2012-0452
|
2024-11-21 10:35 |
2012-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296426
|
- |
|
php
|
php
|
PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct S…
|
CWE-20
Improper Input Validation
|
CVE-2012-0831
|
2024-11-21 10:35 |
2012-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296427
|
- |
|
apache
|
portable_runtime
|
tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependen…
|
CWE-20
Improper Input Validation
|
CVE-2012-0840
|
2024-11-21 10:35 |
2012-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296428
|
- |
|
inria
|
ocaml
|
OCaml 3.12.1 and earlier computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consum…
|
CWE-20
Improper Input Validation
|
CVE-2012-0839
|
2024-11-21 10:35 |
2012-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296429
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
The ATRAC codec in RealNetworks RealPlayer 11.x and 14.x through 14.0.7, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.x before 12.0.0.1703 does not properly decode samples, which allows rem…
|
CWE-94
Code Injection
|
CVE-2012-0928
|
2024-11-21 10:35 |
2012-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296430
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
Unspecified vulnerability in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via vectors involving…
|
CWE-94
NVD-CWE-noinfo
Code Injection
|
CVE-2012-0927
|
2024-11-21 10:35 |
2012-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
