|
290451
|
- |
|
apache
|
struts
|
Apache Struts 2.0.0 through 2.3.4 allows remote attackers to cause a denial of service (CPU consumption) via a long parameter name, which is processed as an OGNL expression.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4387
|
2024-11-21 10:42 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290452
|
- |
|
apache
|
struts
|
The token check mechanism in Apache Struts 2.0.0 through 2.3.4 does not properly validate the token name configuration parameter, which allows remote attackers to perform cross-site request forgery (…
|
CWE-352
Origin Validation Error
|
CVE-2012-4386
|
2024-11-21 10:42 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290453
|
- |
|
adobe
|
adobe_air_sdk
adobe_air
flash_player_for_android
flash_player
|
Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and be…
|
NVD-CWE-noinfo
|
CVE-2012-4171
|
2024-11-21 10:42 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290454
|
- |
|
gimp
|
gimp
|
The scriptfu network server in GIMP 2.6 does not require authentication, which allows remote attackers to execute arbitrary commands via the python-fu-eval command.
|
CWE-862
Missing Authorization
|
CVE-2012-4245
|
2024-11-21 10:42 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290455
|
- |
|
adobe
|
photoshop_cs6
|
Buffer overflow in Adobe Photoshop CS6 13.x before 13.0.1 allows remote attackers to execute arbitrary code via a crafted file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4170
|
2024-11-21 10:42 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290456
|
- |
|
cybozu
|
cybozu_live
|
The WebView class in the Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted applicatio…
|
CWE-94
Code Injection
|
CVE-2012-4009
|
2024-11-21 10:42 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290457
|
- |
|
cybozu
|
cybozu_live
|
The Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web …
|
CWE-94
Code Injection
|
CVE-2012-4008
|
2024-11-21 10:42 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290458
|
- |
|
opera
|
opera_browser
|
Opera before 11.60 allows remote attackers to spoof the address bar via unspecified homograph characters, a different vulnerability than CVE-2010-2660.
|
NVD-CWE-Other
|
CVE-2012-4010
|
2024-11-21 10:42 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290459
|
- |
|
pbboard
|
pbboard
|
Unrestricted file upload vulnerability in admin.php in PBBoard 2.1.4 allows remote administrators to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via…
|
NVD-CWE-Other
|
CVE-2012-4036
|
2024-11-21 10:42 |
2012-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290460
|
- |
|
foxitsoftware
|
foxit_reader
|
Foxit Reader before 5.3 on Windows XP and Windows 7 allows remote attackers to execute arbitrary code via a PDF document with a crafted attachment that triggers calculation of a negative number durin…
|
NVD-CWE-Other
|
CVE-2012-4337
|
2024-11-21 10:42 |
2012-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
