|
291981
|
- |
|
rubygems
|
mail_gem
|
The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.
|
CWE-20
Improper Input Validation
|
CVE-2012-2140
|
2024-11-21 10:38 |
2012-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291982
|
- |
|
rubygems
|
mail_gem
|
Directory traversal vulnerability in lib/mail/network/delivery_methods/file_delivery.rb in the Mail gem before 2.4.4 for Ruby allows remote attackers to read arbitrary files via a .. (dot dot) in the…
|
CWE-22
Path Traversal
|
CVE-2012-2139
|
2024-11-21 10:38 |
2012-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291983
|
- |
|
mozilla
|
firefox
thunderbird
thunderbird_esr
seamonkey
|
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript …
|
NVD-CWE-Other
|
CVE-2012-1967
|
2024-11-21 10:38 |
2012-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291984
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cro…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1966
|
2024-11-21 10:38 |
2012-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291985
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not properly establish the security context of a feed: URL, which allows remote attackers to bypass unspecified cross-site scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1965
|
2024-11-21 10:38 |
2012-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291986
|
- |
|
mozilla
|
firefox
thunderbird
thunderbird_esr
seamonkey
|
The certificate-warning functionality in browser/components/certerror/content/aboutCertError.xhtml in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 12.0, T…
|
NVD-CWE-noinfo
|
CVE-2012-1964
|
2024-11-21 10:38 |
2012-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291987
|
- |
|
mozilla
|
firefox
thunderbird
thunderbird_esr
seamonkey
|
The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey be…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1963
|
2024-11-21 10:38 |
2012-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291988
|
- |
|
mozilla
|
firefox
thunderbird
thunderbird_esr
seamonkey
|
Use-after-free vulnerability in the JSDependentString::undepend function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before…
|
CWE-399
Resource Management Errors
|
CVE-2012-1962
|
2024-11-21 10:38 |
2012-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291989
|
- |
|
mozilla
|
firefox
thunderbird
thunderbird_esr
seamonkey
|
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly handle duplicate values i…
|
CWE-20
Improper Input Validation
|
CVE-2012-1961
|
2024-11-21 10:38 |
2012-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291990
|
- |
|
mozilla
|
firefox
thunderbird
seamonkey
|
The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 might allow remote attackers …
|
CWE-200
Information Exposure
|
CVE-2012-1960
|
2024-11-21 10:38 |
2012-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
