|
290741
|
- |
|
apache
canonical
|
httpclient
ubuntu_linux
|
Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's …
|
CWE-295
Improper Certificate Validation
|
CVE-2012-5783
|
2024-11-21 10:45 |
2012-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290742
|
- |
|
amazon
|
flexible_payments_service
|
Amazon Flexible Payments Service (FPS) PHP Library does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, w…
|
CWE-20
Improper Input Validation
|
CVE-2012-5782
|
2024-11-21 10:45 |
2012-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290743
|
- |
|
amazon
|
elastic_load_balancing
|
Amazon Elastic Load Balancing API Tools does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows…
|
CWE-20
Improper Input Validation
|
CVE-2012-5781
|
2024-11-21 10:45 |
2012-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290744
|
- |
|
amazon
|
merchant_sdk
|
The Amazon merchant SDK does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-midd…
|
CWE-20
Improper Input Validation
|
CVE-2012-5780
|
2024-11-21 10:45 |
2012-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290745
|
- |
|
justin_dodge
|
hotblocks
|
Cross-site scripting (XSS) vulnerability in the settings page (admin/settings/hotblocks) in the Hotblocks module 6.x-1.x before 6.x-1.8 for Drupal allows remote authenticated users with the "administ…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5705
|
2024-11-21 10:45 |
2012-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290746
|
- |
|
justin_dodge
|
hotblocks
|
The Hotblocks module 6.x-1.x before 6.x-1.8 for Drupal allows remote authenticated users with the "administer hotblocks" permission to cause a denial of service (infinite loop and time out) via a blo…
|
CWE-399
Resource Management Errors
|
CVE-2012-5704
|
2024-11-21 10:45 |
2012-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290747
|
- |
|
tp-link
|
tl-wr841n
tl-wr841n_firmware
|
Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrar…
|
CWE-22
Path Traversal
|
CVE-2012-5687
|
2024-11-21 10:45 |
2012-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290748
|
- |
|
exim
|
exim
|
Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn contro…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-5671
|
2024-11-21 10:45 |
2012-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290749
|
- |
|
invisionpower
invisioncommunity
|
invision_power_board
|
Unspecified vulnerability in admin/sources/base/core.php in Invision Power Board (aka IPB or IP.Board) 3.1.x through 3.3.x has unknown impact and remote attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-5692
|
2024-11-21 10:45 |
2012-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290750
|
- |
|
microsoft
|
excel_viewer
excel
office
|
Microsoft Excel Viewer (aka Xlview.exe) and Excel in Microsoft Office 2007 (aka Office 12) allow remote attackers to cause a denial of service (read access violation and application crash) via a craf…
|
NVD-CWE-noinfo
|
CVE-2012-5672
|
2024-11-21 10:45 |
2012-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
