|
296991
|
- |
|
mozilla
|
firefox
thunderbird
|
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2011-3648
|
2024-11-21 10:30 |
2011-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296992
|
- |
|
mozilla
|
firefox
thunderbird
|
The JSSubScriptLoader in Mozilla Firefox before 3.6.24 and Thunderbird before 3.1.6 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it ea…
|
CWE-20
Improper Input Validation
|
CVE-2011-3647
|
2024-11-21 10:30 |
2011-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296993
|
- |
|
apache
|
http_server
|
Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to ga…
|
CWE-189
Numeric Errors
|
CVE-2011-3607
|
2024-11-21 10:30 |
2011-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296994
|
- |
|
conky
|
conky
|
The getSkillname function in the eve module in Conky 1.8.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on /tmp/.cesf.
|
CWE-59
Link Following
|
CVE-2011-3616
|
2024-11-21 10:30 |
2011-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296995
|
- |
|
pidgin
|
libpurple
pidgin
|
The g_markup_escape_text function in the SILC protocol plug-in in libpurple 2.10.0 and earlier, as used in Pidgin and possibly other products, allows remote attackers to cause a denial of service (cr…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-3594
|
2024-11-21 10:30 |
2011-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296996
|
- |
|
nlnetlabs
|
ldns
|
Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns before 1.6.11 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Re…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-3581
|
2024-11-21 10:30 |
2011-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296997
|
- |
|
gnome
|
ifcfg-rh_plug-in
|
Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, whe…
|
NVD-CWE-Other
|
CVE-2011-3364
|
2024-11-21 10:30 |
2011-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296998
|
- |
|
schneider-electric
|
opc_factory_server
vijeo_citect
telemecanique_driver_pack
monitor_pro
unity_pro
pl7_pro
|
Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 and earlier, OPC Factory Server 3.34, Vijeo Citect 7.20 and earlier, Telemecanique Driver Pack 2.6 an…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-3330
|
2024-11-21 10:30 |
2011-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296999
|
- |
|
php
|
php
|
The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging pot…
|
CWE-94
Code Injection
|
CVE-2011-3379
|
2024-11-21 10:30 |
2011-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297000
|
- |
|
ge
|
intelligent_platforms_proficy_historian
|
Cross-site scripting (XSS) vulnerability in the Web Administrator component in GE Intelligent Platforms Proficy Historian 4.x and earlier allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2011-3320
|
2024-11-21 10:30 |
2011-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
