|
289331
|
8.8 |
HIGH
Network
|
ffmpeg
|
ffmpeg
|
Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted ASF file.
|
CWE-20
Improper Input Validation
|
CVE-2012-5359
|
2024-11-21 10:44 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289332
|
9.8 |
CRITICAL
Network
|
ektron
|
ektron_content_management_system
|
The XSLTCompiledTransform function in Ektron Content Management System (CMS) before 8.02 SP5 configures the XSL with enableDocumentFunction set to true, which allows remote attackers to read arbitrar…
|
CWE-19
Data Processing Errors
|
CVE-2012-5358
|
2024-11-21 10:44 |
2017-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289333
|
9.8 |
CRITICAL
Network
|
ektron
|
ektron_content_management_system
|
Ektron Content Management System (CMS) before 8.02 SP5 uses the XslCompiledTransform class with enablescript set to true, which allows remote attackers to execute arbitrary code with NETWORK SERVICE …
|
CWE-19
Data Processing Errors
|
CVE-2012-5357
|
2024-11-21 10:44 |
2017-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289334
|
7.8 |
HIGH
Local
|
ffmpeg
|
ffmpeg
|
Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted WMV file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-5361
|
2024-11-21 10:44 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289335
|
- |
|
tvmobili
|
tvmobili
|
Multiple stack-based buffer overflows in HttpUtils.dll in TVMOBiLi before 2.1.0.3974 allow remote attackers to cause a denial of service (tvMobiliService service crash) via a long string in a (1) GET…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-5451
|
2024-11-21 10:44 |
2015-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289336
|
- |
|
plone
|
plone
|
The error pages in Plone before 4.2.3 and 4.3 before beta 1 allow remote attackers to obtain random numbers and derive the PRNG state for password resets via unspecified vectors. NOTE: this identifi…
|
CWE-200
Information Exposure
|
CVE-2012-5508
|
2024-11-21 10:44 |
2014-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289337
|
- |
|
plone
|
plone
|
The batch id change script (renameObjectsByPaths.py) in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to change the titles of content items by leveraging a valid CSRF token in a cr…
|
CWE-352
Origin Validation Error
|
CVE-2012-5500
|
2024-11-21 10:44 |
2014-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289338
|
- |
|
libproxy_project
|
libproxy
|
Format string vulnerability in the print_proxies function in bin/proxy.c in libproxy 0.3.1 might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary …
|
CWE-94
Code Injection
|
CVE-2012-5580
|
2024-11-21 10:44 |
2014-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289339
|
- |
|
bananadance
|
banana_dance
|
functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to read arbitrary database information via a crafted request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5243
|
2024-11-21 10:44 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289340
|
- |
|
bananadance
|
banana_dance
|
Directory traversal vulnerability in functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parame…
|
CWE-22
Path Traversal
|
CVE-2012-5242
|
2024-11-21 10:44 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
