|
296261
|
- |
|
ibm
|
rational_appscan
|
IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1, when Integrated Windows authentication is used, allows remote authenticated users to obtain administrative privileges by hijacking a sessio…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0733
|
2024-11-21 10:35 |
2012-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296262
|
- |
|
ibm
|
rational_appscan
|
The Enterprise Console client in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof serv…
|
CWE-310
Cryptographic Issues
|
CVE-2012-0732
|
2024-11-21 10:35 |
2012-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296263
|
- |
|
ibm
|
rational_appscan
|
IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not prevent service-account impersonation, which allows remote authenticated users to read arbitrary files via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2012-0731
|
2024-11-21 10:35 |
2012-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296264
|
- |
|
ibm
|
rational_appscan
|
Multiple cross-site request forgery (CSRF) vulnerabilities in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 allow remote attackers to hijack the authentication of administrators for requ…
|
CWE-352
Origin Validation Error
|
CVE-2012-0730
|
2024-11-21 10:35 |
2012-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296265
|
- |
|
ibm
|
rational_appscan
|
Unrestricted file upload vulnerability in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 allows remote authenticated users to execute arbitrary ASP.NET code by uploading a .aspx file, and…
|
NVD-CWE-Other
|
CVE-2012-0729
|
2024-11-21 10:35 |
2012-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296266
|
- |
|
pythonpaste
|
paste
|
Paste Script 1.7.5 and earlier does not properly set group memberships during execution with root privileges, which might allow remote attackers to bypass intended file-access restrictions by leverag…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0878
|
2024-11-21 10:35 |
2012-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296267
|
- |
|
mumble
|
mumble
|
Mumble 1.2.3 and earlier uses world-readable permissions for .local/share/data/Mumble/.mumble.sqlite files in home directories, which might allow local users to obtain a cleartext password and config…
|
CWE-310
Cryptographic Issues
|
CVE-2012-0863
|
2024-11-21 10:35 |
2012-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296268
|
- |
|
mozilla
|
bugzilla
|
template/en/default/list/list.js.tmpl in Bugzilla 2.x and 3.x before 3.6.9, 3.7.x and 4.0.x before 4.0.6, and 4.1.x and 4.2.x before 4.2.1 does not properly handle multiple logins, which allows remot…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0466
|
2024-11-21 10:35 |
2012-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296269
|
- |
|
mozilla
|
bugzilla
|
Bugzilla 3.5.x and 3.6.x before 3.6.9, 3.7.x and 4.0.x before 4.0.6, and 4.1.x and 4.2.x before 4.2.1, when the inbound_proxies option is enabled, does not properly validate the X-Forwarded-For HTTP …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0465
|
2024-11-21 10:35 |
2012-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296270
|
- |
|
mozilla
|
firefox
thunderbird
thunderbird_esr
seamonkey
|
Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the addres…
|
NVD-CWE-Other
|
CVE-2012-0479
|
2024-11-21 10:35 |
2012-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
