|
297341
|
- |
|
perl
|
perl
|
The bsd_glob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service (crash) via a glob expression with the GLOB_ALTDIRFUNC flag, whic…
|
NVD-CWE-Other
|
CVE-2011-2728
|
2024-11-21 10:28 |
2012-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297342
|
- |
|
vmware
|
springsource_spring_security
|
CRLF injection vulnerability in the logout functionality in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 allows remote attackers to inject arbitrary HTTP headers and conduc…
|
CWE-94
Code Injection
|
CVE-2011-2732
|
2024-11-21 10:28 |
2012-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297343
|
- |
|
vmware
|
springsource_spring_security
|
Race condition in the RunAsManager mechanism in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 stores the Authentication object in the shared security context, which allows a…
|
CWE-362
Race Condition
|
CVE-2011-2731
|
2024-11-21 10:28 |
2012-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297344
|
- |
|
springsource
|
spring_framework
|
VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows re…
|
CWE-16
Configuration
|
CVE-2011-2730
|
2024-11-21 10:28 |
2012-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297345
|
- |
|
nspluginwrapper
|
nspluginwrapper
|
nspluginwrapper before 1.4.4 does not properly provide access to NPNVprivateModeBool variable settings, which could prevent Firefox plugins from determining if they should run in Private Browsing mod…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2486
|
2024-11-21 10:28 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297346
|
- |
|
tedfelix
|
acpid2
|
samples/powerbtn/powerbtn.sh in acpid (aka acpid2) 2.0.16 and earlier uses the pidof program incorrectly, which allows local users to gain privileges by running a program with the name kded4 and a DB…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2777
|
2024-11-21 10:28 |
2012-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297347
|
- |
|
novell
|
zenworks_configuration_management
|
The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote attackers to exe…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2658
|
2024-11-21 10:28 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297348
|
- |
|
novell
|
zenworks_configuration_management
|
Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.…
|
CWE-22
Path Traversal
|
CVE-2011-2657
|
2024-11-21 10:28 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297349
|
- |
|
systemtap
|
systemtap
|
The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local u…
|
CWE-20
Improper Input Validation
|
CVE-2011-2503
|
2024-11-21 10:28 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297350
|
- |
|
systemtap
|
systemtap
|
runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, wh…
|
CWE-20
Improper Input Validation
|
CVE-2011-2502
|
2024-11-21 10:28 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
