|
297621
|
- |
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
Heap-based buffer overflow in the ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel 2.6.37.2 and earlier might allow local users to gain privileges or obtain sensitive information via …
|
CWE-787
Out-of-bounds Write
|
CVE-2011-1017
|
2024-11-21 10:25 |
2011-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297622
|
- |
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
The ldm_parse_vmdb function in fs/partitions/ldm.c in the Linux kernel before 2.6.38-rc6-git6 does not validate the VBLK size value in the VMDB structure in an LDM partition table, which allows local…
|
CWE-369
Divide By Zero
|
CVE-2011-1012
|
2024-11-21 10:25 |
2011-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297623
|
- |
|
linux
|
linux_kernel
|
Buffer overflow in the mac_partition function in fs/partitions/mac.c in the Linux kernel before 2.6.37.2 allows local users to cause a denial of service (panic) or possibly have unspecified other imp…
|
CWE-120
Classic Buffer Overflow
|
CVE-2011-1010
|
2024-11-21 10:25 |
2011-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297624
|
- |
|
mutare
|
evm
|
Multiple cross-site scripting (XSS) vulnerabilities in Mutare EVM allow remote attackers to inject arbitrary web script or HTML via (1) a delivery address and possibly (2) a PIN.
|
CWE-79
Cross-site Scripting
|
CVE-2011-1105
|
2024-11-21 10:25 |
2011-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297625
|
- |
|
mutare
|
evm
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Mutare EVM allow remote attackers to hijack the authentication of arbitrary users for requests that (1) change a PIN, (2) delete messages…
|
CWE-352
Origin Validation Error
|
CVE-2011-1104
|
2024-11-21 10:25 |
2011-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297626
|
- |
|
linux
|
linux_kernel
|
The proc filesystem implementation in the Linux kernel 2.6.37 and earlier does not restrict access to the /proc directory tree of a process after this process performs an exec of a setuid program, wh…
|
CWE-200
Information Exposure
|
CVE-2011-1020
|
2024-11-21 10:25 |
2011-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297627
|
- |
|
linux
|
linux_kernel
|
The Radeon GPU drivers in the Linux kernel before 2.6.38-rc5 do not properly validate data related to the AA resolve registers, which allows local users to write to arbitrary memory locations associa…
|
CWE-20
Improper Input Validation
|
CVE-2011-1016
|
2024-11-21 10:25 |
2011-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297628
|
- |
|
bestpractical
|
rt
|
Scrips_Overlay.pm in Best Practical Solutions RT before 3.8.9 does not properly restrict access to a TicketObj in a Scrip after a CurrentUser change, which allows remote authenticated users to obtain…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1008
|
2024-11-21 10:25 |
2011-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297629
|
- |
|
bestpractical
|
rt
|
Best Practical Solutions RT before 3.8.9 does not perform certain redirect actions upon a login, which allows physically proximate attackers to obtain credentials by resubmitting the login form via t…
|
CWE-255
Credentials Management
|
CVE-2011-1007
|
2024-11-21 10:25 |
2011-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297630
|
- |
|
cisco
|
secure_desktop
|
The CSDWebInstallerCtrl ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) allows remote attackers to download an unintended Cisco program onto a client machine, and execute this pr…
|
CWE-20
Improper Input Validation
|
CVE-2011-0925
|
2024-11-21 10:25 |
2011-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
