|
295671
|
- |
|
apple
|
safari
|
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to inject arbitrary web script or HTML by leveraging improper URL canonicalization during the han…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3695
|
2024-11-21 10:41 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295672
|
- |
|
apple
|
safari
|
WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to obtain sensitive information about full pathnames via a crafted web sit…
|
CWE-200
Information Exposure
|
CVE-2012-3694
|
2024-11-21 10:41 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295673
|
- |
|
apple
|
safari
|
Incomplete blacklist vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, by leveraging the availability of…
|
NVD-CWE-Other
|
CVE-2012-3693
|
2024-11-21 10:41 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295674
|
- |
|
apple
|
safari
|
WebKit in Apple Safari before 6.0 does not properly handle Cascading Style Sheets (CSS) property values, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
|
CWE-20
Improper Input Validation
|
CVE-2012-3691
|
2024-11-21 10:41 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295675
|
- |
|
apple
|
safari
|
WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to read arbitrary files via a crafted web site.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3690
|
2024-11-21 10:41 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295676
|
- |
|
apple
|
safari
|
WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site.
|
CWE-20
Improper Input Validation
|
CVE-2012-3689
|
2024-11-21 10:41 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295677
|
- |
|
apple
|
safari
|
WebKit in Apple Safari before 6.0 accesses uninitialized memory locations during the rendering of SVG images, which allows remote attackers to obtain sensitive information from process memory via a c…
|
CWE-200
Information Exposure
|
CVE-2012-3650
|
2024-11-21 10:41 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295678
|
- |
|
isc
debian
canonical
|
dhcp
debian_linux
ubuntu_linux
|
Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.
|
CWE-399
Resource Management Errors
|
CVE-2012-3954
|
2024-11-21 10:41 |
2012-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295679
|
- |
|
isc
|
bind
|
Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of …
|
CWE-362
Race Condition
|
CVE-2012-3868
|
2024-11-21 10:41 |
2012-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295680
|
- |
|
isc
|
bind
|
ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initializ…
|
CWE-20
Improper Input Validation
|
CVE-2012-3817
|
2024-11-21 10:41 |
2012-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
