|
295471
|
- |
|
apple
|
mac_os_x_server
mac_os_x
|
CFNetwork in Apple Mac OS X 10.7.x before 10.7.3 does not properly construct request headers during parsing of URLs, which allows remote attackers to obtain sensitive information via a malformed URL.
|
CWE-200
Information Exposure
|
CVE-2011-3447
|
2024-11-21 10:30 |
2012-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295472
|
- |
|
apple
|
mac_os_x_server
mac_os_x
|
Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (ap…
|
NVD-CWE-noinfo
|
CVE-2011-3446
|
2024-11-21 10:30 |
2012-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295473
|
- |
|
apple
|
mac_os_x_server
mac_os_x
|
Address Book in Apple Mac OS X before 10.7.3 automatically switches to unencrypted sessions upon failure of encrypted connections, which allows remote attackers to read CardDAV data by terminating an…
|
CWE-310
Cryptographic Issues
|
CVE-2011-3444
|
2024-11-21 10:30 |
2012-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295474
|
- |
|
mozilla
|
firefox
thunderbird
seamonkey
|
Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before 3.1.18 and 5.0 through 6.0, and SeaMonkey before 2.4 do not properly enforce the IPv6 literal address syntax, which allows remote…
|
CWE-200
Information Exposure
|
CVE-2011-3670
|
2024-11-21 10:30 |
2012-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295475
|
- |
|
mozilla
suse
opensuse
|
thunderbird
seamonkey
firefox
linux_enterprise_server
linux_enterprise_desktop
opensuse
linux_enterprise_software_development_kit
|
Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbi…
|
CWE-416
Use After Free
|
CVE-2011-3659
|
2024-11-21 10:30 |
2012-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295476
|
- |
|
drusus
kerry_thompson
|
logsurfer
logsurfer\+
|
Double free vulnerability in the prepare_exec function in src/exec.c in Logsurfer 1.5b and earlier, and Logsurfer+ 1.7 and earlier, allows remote attackers to execute arbitrary commands via crafted s…
|
CWE-399
Resource Management Errors
|
CVE-2011-3626
|
2024-11-21 10:30 |
2012-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295477
|
- |
|
symantec
|
pcanywhere
|
Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), uses world-writable permissions for product-installation files, which all…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-3479
|
2024-11-21 10:30 |
2012-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295478
|
- |
|
symantec
|
pcanywhere
|
The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authent…
|
CWE-287
Improper Authentication
|
CVE-2011-3478
|
2024-11-21 10:30 |
2012-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295479
|
- |
|
apache
|
tomcat
|
Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain uninten…
|
CWE-200
Information Exposure
|
CVE-2011-3375
|
2024-11-21 10:30 |
2012-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295480
|
- |
|
oracle
|
communications_unified
|
Unspecified vulnerability in Oracle Communications Unified 7.0 allows local users to affect confidentiality and integrity via unknown vectors related to Calendar Server.
|
NVD-CWE-noinfo
|
CVE-2011-3574
|
2024-11-21 10:30 |
2012-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
