|
291341
|
- |
|
imagemagick
|
imagemagick
|
The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 and earlier does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of …
|
NVD-CWE-Other
|
CVE-2012-3437
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291342
|
- |
|
martin_nagy
|
bind-dyndb-ldap
|
The dns_to_ldap_dn_escape function in src/ldap_convert.c in bind-dyndb-ldap 1.1.0rc1 and earlier does not properly escape distinguished names (DN) for LDAP queries, which allows remote DNS servers to…
|
CWE-20
Improper Input Validation
|
CVE-2012-3429
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291343
|
- |
|
redhat
|
icedtea-web
|
The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote attackers to cause a denial of service (crash), obtain sensitive informat…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3423
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291344
|
- |
|
redhat
|
icedtea-web
|
The getFirstInTableInstance function in the IcedTea-Web plugin before 1.2.1 returns an uninitialized pointer when the instance_to_id_map hash is empty, which allows remote attackers to cause a denial…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3422
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291345
|
- |
|
gnu
|
automake
|
The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local use…
|
CWE-264
CWE-362
Permissions, Privileges, and Access Controls
Race Condition
|
CVE-2012-3386
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291346
|
- |
|
extplorer
|
extplorer
|
eXtplorer 2.1.0b6 uses world writable permissions for the /var/lib/extplorer/ftp_tmp directory, which allows local users to delete or overwrite arbitrary files.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3454
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291347
|
- |
|
debian
|
logol
|
logol 1.5.0 uses world writable permissions for the /var/lib/logol/results directory, which allows local users to delete or overwrite arbitrary files.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3453
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291348
|
- |
|
gnome
|
screensaver
|
gnome-screensaver 3.4.x before 3.4.4 and 3.5.x before 3.5.4, when multiple screens are used, only locks the screen with the active focus, which allows physically proximate attackers to bypass screen …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3452
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291349
|
- |
|
openvswitch
|
openvswitch
|
Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/pki/controllerca/incoming/ and (2) /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3449
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291350
|
- |
|
kde
|
kde_pim
|
The HTMLQuoteColorer::process function in messageviewer/htmlquotecolorer.cpp in KDE PIM 4.6 through 4.8 does not disable JavaScript, Java, and Plugins, which allows remote attackers to inject arbitra…
|
CWE-16
Configuration
|
CVE-2012-3413
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
