|
297131
|
- |
|
mozilla
|
firefox
thunderbird
seamonkey
|
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disp…
|
CWE-94
Code Injection
|
CVE-2011-3000
|
2024-11-21 10:29 |
2011-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297132
|
- |
|
mozilla
|
firefox
thunderbird
seamonkey
|
Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before 6.0, and SeaMonkey before 2.3 do not properly handle "location" as the name of a frame, which allows remote attackers to bypass the…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2999
|
2024-11-21 10:29 |
2011-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297133
|
- |
|
mozilla
|
firefox
thunderbird
seamonkey
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruptio…
|
NVD-CWE-noinfo
|
CVE-2011-2997
|
2024-11-21 10:29 |
2011-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297134
|
- |
|
mozilla
|
firefox
|
Unspecified vulnerability in the plugin API in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute a…
|
NVD-CWE-noinfo
|
CVE-2011-2996
|
2024-11-21 10:29 |
2011-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297135
|
- |
|
mozilla
|
firefox
thunderbird
seamonkey
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denia…
|
NVD-CWE-noinfo
|
CVE-2011-2995
|
2024-11-21 10:29 |
2011-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297136
|
- |
|
openssl
|
openssl
|
The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages from clients, which allows r…
|
CWE-399
Resource Management Errors
|
CVE-2011-3210
|
2024-11-21 10:29 |
2011-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297137
|
- |
|
openssl
|
openssl
|
crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value co…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-3207
|
2024-11-21 10:29 |
2011-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297138
|
- |
|
mantisbt
|
mantisbt
|
Multiple cross-site scripting (XSS) vulnerabilities in filter_api.php in MantisBT before 1.2.7 allow remote attackers to inject arbitrary web script or HTML via a parameter, as demonstrated by the pr…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2938
|
2024-11-21 10:29 |
2011-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297139
|
- |
|
roundcube
|
webmail
|
Cross-site scripting (XSS) vulnerability in the UI messages functionality in Roundcube Webmail before 0.5.4 allows remote attackers to inject arbitrary web script or HTML via the _mbox parameter to t…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2937
|
2024-11-21 10:29 |
2011-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297140
|
- |
|
redhat
|
enterprise_mrg
|
Cumin in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0 records broker authentication credentials in a log file, which allows local users to bypass authentication and perform unauthorized…
|
CWE-287
Improper Authentication
|
CVE-2011-2925
|
2024-11-21 10:29 |
2011-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
