|
288961
|
- |
|
redhat
|
packstack
openstack_folsom
openstack_essex
|
PackStack 2012.2.3 in Red Hat OpenStack Essex and Folsom can create the answer file in insecure directories such as /tmp or the current working directory, which allows local users to modify deployed …
|
CWE-255
Credentials Management
|
CVE-2013-1815
|
2024-11-21 10:50 |
2013-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288962
|
- |
|
ruby-lang
|
ruby
|
lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an X…
|
CWE-20
Improper Input Validation
|
CVE-2013-1821
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288963
|
- |
|
digineo
|
thumbshooter
|
lib/thumbshooter.rb in the Thumbshooter 0.1.5 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
|
CWE-94
Code Injection
|
CVE-2013-1898
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288964
|
- |
|
dan_kubb
|
extlib
|
The extlib gem 0.9.15 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cau…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1802
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288965
|
- |
|
john_nunemaker
|
httparty
|
The httparty gem 0.9.0 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or ca…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1801
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288966
|
- |
|
john_nunemaker
|
crack
|
The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1800
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288967
|
- |
|
freedesktop
|
poppler
|
poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar fun…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1790
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288968
|
- |
|
freedesktop
|
poppler
|
splash/Splash.cc in poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to the (1) Splash::arbitraryTransfor…
|
NVD-CWE-Other
|
CVE-2013-1789
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288969
|
- |
|
freedesktop
|
poppler
|
poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1) splash/Spl…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1788
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288970
|
- |
|
apple
todd_miller
|
mac_os_x
sudo
|
sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions t…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1776
|
2024-11-21 10:50 |
2013-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
