|
287611
|
- |
|
microsoft
|
internet_explorer
|
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer…
|
CWE-416
Use After Free
|
CVE-2013-1306
|
2024-11-21 10:49 |
2013-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287612
|
- |
|
microsoft
|
windows_rt
windows_8
windows_server_2012
|
HTTP.sys in Microsoft Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (infinite loop) via a crafted HTTP header, aka "HTTP.sys Denial of Service Vu…
|
CWE-399
Resource Management Errors
|
CVE-2013-1305
|
2024-11-21 10:49 |
2013-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287613
|
- |
|
microsoft
|
lync
lync_server
office_communicator
|
Microsoft Communicator 2007 R2, Lync 2010, Lync 2010 Attendee, and Lync Server 2013 do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an invitation…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1302
|
2024-11-21 10:49 |
2013-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287614
|
- |
|
microsoft
|
visio
|
Microsoft Visio 2003 SP3 2007 SP3, and 2010 SP1 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, …
|
CWE-200
Information Exposure
|
CVE-2013-1301
|
2024-11-21 10:49 |
2013-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287615
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 6 through 8 does not properly restrict data access by VBScript, which allows remote attackers to perform cross-domain reading of JSON files via a crafted web site, aka "JS…
|
CWE-200
Information Exposure
|
CVE-2013-1297
|
2024-11-21 10:49 |
2013-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287616
|
- |
|
cisco
|
unified_presence_server
|
Memory leak in the web framework in the server in Cisco Unified Presence (CUP) allows remote attackers to cause a denial of service (memory consumption) via malformed TCP packets, aka Bug ID CSCug380…
|
CWE-399
Resource Management Errors
|
CVE-2013-1242
|
2024-11-21 10:49 |
2013-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287617
|
- |
|
symantec
|
brightmail_gateway
|
Multiple cross-site scripting (XSS) vulnerabilities in administrative-interface pages in the management console in Symantec Brightmail Gateway 9.5.x allow remote authenticated users to inject arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1611
|
2024-11-21 10:49 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287618
|
- |
|
cisco
|
unified_customer_voice_portal
|
Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to read arbitrary files via a Resource Manager (1) HTTP or (2) HTTPS request containing an external entit…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1225
|
2024-11-21 10:49 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287619
|
- |
|
cisco
|
unified_customer_voice_portal
|
Directory traversal vulnerability in the Resource Manager in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to overwrite arbitrary files via a crafted (…
|
CWE-22
Path Traversal
|
CVE-2013-1224
|
2024-11-21 10:49 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287620
|
- |
|
cisco
|
unified_customer_voice_portal
|
The log viewer in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly validate an unspecified parameter, which allows remote attackers to read arbitrary files via …
|
CWE-20
Improper Input Validation
|
CVE-2013-1223
|
2024-11-21 10:49 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
