|
296641
|
- |
|
symantec
|
message_filter
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Brightmail Control Center in Symantec Message Filter 6.3 allow remote attackers to hijack the authentication of arbitrary users for reque…
|
CWE-352
Origin Validation Error
|
CVE-2012-0303
|
2024-11-21 10:34 |
2012-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296642
|
- |
|
symantec
|
message_filter
|
Cross-site scripting (XSS) vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-0302
|
2024-11-21 10:34 |
2012-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296643
|
- |
|
symantec
|
message_filter
|
Session fixation vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to hijack web sessions via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2012-0301
|
2024-11-21 10:34 |
2012-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296644
|
- |
|
symantec
|
message_filter
|
Brightmail Control Center in Symantec Message Filter 6.3 does not properly restrict establishment of sessions to the listening port, which allows remote attackers to obtain potentially sensitive vers…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0300
|
2024-11-21 10:34 |
2012-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296645
|
- |
|
novell
|
groupwise
|
Directory traversal vulnerability in WebAccess in Novell GroupWise before 8.03 allows remote attackers to read arbitrary files via the User.interface parameter.
|
CWE-22
Path Traversal
|
CVE-2012-0410
|
2024-11-21 10:34 |
2012-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296646
|
- |
|
linux
|
linux_kernel
|
The em_syscall function in arch/x86/kvm/emulate.c in the KVM implementation in the Linux kernel before 3.2.14 does not properly handle the 0f05 (aka syscall) opcode, which allows guest OS users to ca…
|
NVD-CWE-Other
|
CVE-2012-0045
|
2024-11-21 10:34 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296647
|
- |
|
symantec
|
liveupdate_administrator
|
Symantec LiveUpdate Administrator before 2.3.1 uses weak permissions (Everyone: Full Control) for the installation directory, which allows local users to gain privileges via a Trojan horse file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0304
|
2024-11-21 10:34 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296648
|
- |
|
ibm
|
lotus_expeditor
|
The web container in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack does not properly perform access control for requests, which allows remote attackers to spoof a localhost request…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0191
|
2024-11-21 10:34 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296649
|
- |
|
ibm
|
lotus_expeditor
|
Untrusted search path vulnerability in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack allows local users to gain privileges via a Trojan horse DLL in the current working directory.
|
NVD-CWE-Other
|
CVE-2012-0187
|
2024-11-21 10:34 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296650
|
- |
|
ibm
|
lotus_expeditor
|
Directory traversal vulnerability in the Eclipse Help component in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack allows remote attackers to discover the locations of files via a cr…
|
CWE-22
Path Traversal
|
CVE-2012-0186
|
2024-11-21 10:34 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
