|
294901
|
- |
|
tryton
|
trytond
|
model/modelstorage.py in the Tryton application framework (trytond) before 2.4.0 for Python does not properly restrict access to the Many2Many field in the relation model, which allows remote authent…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0215
|
2024-11-21 10:34 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294902
|
- |
|
microsoft
|
windows_server_2008
windows_xp
windows_7
windows_server_2003
windows_vista
windows_2003_server
|
The Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbit…
|
CWE-94
Code Injection
|
CVE-2012-0175
|
2024-11-21 10:34 |
2012-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294903
|
- |
|
symantec
|
message_filter
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Brightmail Control Center in Symantec Message Filter 6.3 allow remote attackers to hijack the authentication of arbitrary users for reque…
|
CWE-352
Origin Validation Error
|
CVE-2012-0303
|
2024-11-21 10:34 |
2012-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294904
|
- |
|
symantec
|
message_filter
|
Cross-site scripting (XSS) vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-0302
|
2024-11-21 10:34 |
2012-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294905
|
- |
|
symantec
|
message_filter
|
Session fixation vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to hijack web sessions via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2012-0301
|
2024-11-21 10:34 |
2012-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294906
|
- |
|
symantec
|
message_filter
|
Brightmail Control Center in Symantec Message Filter 6.3 does not properly restrict establishment of sessions to the listening port, which allows remote attackers to obtain potentially sensitive vers…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0300
|
2024-11-21 10:34 |
2012-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294907
|
- |
|
novell
|
groupwise
|
Directory traversal vulnerability in WebAccess in Novell GroupWise before 8.03 allows remote attackers to read arbitrary files via the User.interface parameter.
|
CWE-22
Path Traversal
|
CVE-2012-0410
|
2024-11-21 10:34 |
2012-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294908
|
- |
|
linux
|
linux_kernel
|
The em_syscall function in arch/x86/kvm/emulate.c in the KVM implementation in the Linux kernel before 3.2.14 does not properly handle the 0f05 (aka syscall) opcode, which allows guest OS users to ca…
|
NVD-CWE-Other
|
CVE-2012-0045
|
2024-11-21 10:34 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294909
|
- |
|
symantec
|
liveupdate_administrator
|
Symantec LiveUpdate Administrator before 2.3.1 uses weak permissions (Everyone: Full Control) for the installation directory, which allows local users to gain privileges via a Trojan horse file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0304
|
2024-11-21 10:34 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294910
|
- |
|
ibm
|
lotus_expeditor
|
The web container in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack does not properly perform access control for requests, which allows remote attackers to spoof a localhost request…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0191
|
2024-11-21 10:34 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
