|
290271
|
- |
|
ibm
|
cognos_business_intelligence
|
IBM Cognos Business Intelligence (BI) 8.4 and 8.4.1 allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted request containing a zero-valued byte.
|
CWE-189
Numeric Errors
|
CVE-2012-4847
|
2024-11-21 10:43 |
2012-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290272
|
- |
|
microsoft
|
.net_framework
|
The code-optimization feature in the reflection implementation in Microsoft .NET Framework 4 and 4.5 does not properly enforce object permissions, which allows remote attackers to execute arbitrary c…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4777
|
2024-11-21 10:43 |
2012-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290273
|
- |
|
microsoft
|
.net_framework
|
The Web Proxy Auto-Discovery (WPAD) functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not validate configuration data that is returned during acquisition of proxy setting…
|
CWE-20
Improper Input Validation
|
CVE-2012-4776
|
2024-11-21 10:43 |
2012-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290274
|
- |
|
microsoft
|
internet_explorer
|
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability."
|
CWE-399
Resource Management Errors
|
CVE-2012-4775
|
2024-11-21 10:43 |
2012-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290275
|
- |
|
bestpractical
|
rt
|
Argument injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to create arbitrary files via unspecified vectors related to the GnuPG clie…
|
CWE-94
Code Injection
|
CVE-2012-4884
|
2024-11-21 10:43 |
2012-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290276
|
- |
|
bestpractical
|
rt
|
Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to conduct a "confused deputy" attack to bypass the CSRF warning protection mechanism and cause victims to "mod…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4734
|
2024-11-21 10:43 |
2012-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290277
|
- |
|
bestpractical
|
rt
|
Cross-site request forgery (CSRF) vulnerability in Request Tracker (RT) 3.8.12 and other versions before 3.8.15, and 4.0.6 and other versions before 4.0.8, allows remote attackers to hijack the authe…
|
CWE-352
Origin Validation Error
|
CVE-2012-4732
|
2024-11-21 10:43 |
2012-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290278
|
- |
|
bestpractical
|
rtfm
|
FAQ manager for Request Tracker (RTFM) before 2.4.5 does not properly check user rights, which allows remote authenticated users to create arbitrary articles in arbitrary classes via unknown vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4731
|
2024-11-21 10:43 |
2012-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290279
|
- |
|
bestpractical
|
rt
|
Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote authenticated users with ModifySelf or AdminUser privileges to inject arbitrary email headers and conduct phishing attack…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4730
|
2024-11-21 10:43 |
2012-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290280
|
- |
|
openstack
|
image_registry_and_delivery_service_\(glance\)
essex
folsom
|
The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request, a different vulne…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4573
|
2024-11-21 10:43 |
2012-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
