|
301321
|
- |
|
microsoft
|
remote_desktop_connection_client
windows_2003_server
windows_server_2003
windows_xp
windows_7
windows_server_2008
windows_vista
|
Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working dir…
|
NVD-CWE-Other
|
CVE-2011-0029
|
2024-11-21 10:23 |
2011-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301322
|
- |
|
alcatel-lucent
|
omnivista
|
Directory traversal vulnerability in the NMS server in Alcatel-Lucent OmniVista 4760 R5.1.06.03 and earlier allows remote attackers to read arbitrary files via directory traversal sequences in HTTP G…
|
CWE-22
Path Traversal
|
CVE-2011-0345
|
2024-11-21 10:23 |
2011-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301323
|
- |
|
alcatel-lucent
|
omnipcx
|
Multiple stack-based buffer overflows in unspecified CGI programs in the Unified Maintenance Tool web interface in the embedded web server in the Communication Server (CS) in Alcatel-Lucent OmniPCX E…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0344
|
2024-11-21 10:23 |
2011-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301324
|
- |
|
gplhost
|
domain_technologie_control
|
shared/inc/sql/ssh.php in the SSH accounts management implementation in Domain Technologie Control (DTC) before 0.32.9 allows remote authenticated users to delete arbitrary accounts via the edssh_acc…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0437
|
2024-11-21 10:23 |
2011-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301325
|
- |
|
gplhost
|
domain_technologie_control
|
The register_user function in client/new_account_form.php in Domain Technologie Control (DTC) before 0.32.9 includes a cleartext password in an e-mail message, which makes it easier for remote attack…
|
CWE-310
Cryptographic Issues
|
CVE-2011-0436
|
2024-11-21 10:23 |
2011-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301326
|
- |
|
gplhost
|
domain_technologie_control
|
Domain Technologie Control (DTC) before 0.32.9 does not require authentication for (1) admin/bw_per_month.php and (2) client/bw_per_month.php, which allows remote attackers to obtain potentially sens…
|
CWE-287
Improper Authentication
|
CVE-2011-0435
|
2024-11-21 10:23 |
2011-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301327
|
- |
|
gplhost
|
domain_technologie_control
|
Multiple SQL injection vulnerabilities in Domain Technologie Control (DTC) before 0.32.9 allow remote attackers to execute arbitrary SQL commands via the cid parameter to (1) admin/bw_per_month.php o…
|
CWE-89
SQL Injection
|
CVE-2011-0434
|
2024-11-21 10:23 |
2011-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301328
|
- |
|
hp
|
multifunction_peripheral_digital_sending_software
|
HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) 4.91.00 does not properly configure authentication settings of managed devices within device templates, which allows attackers to acce…
|
CWE-287
Improper Authentication
|
CVE-2011-0279
|
2024-11-21 10:23 |
2011-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301329
|
- |
|
mozilla
gnome
|
firefox
pango
|
The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cau…
|
NVD-CWE-Other
|
CVE-2011-0064
|
2024-11-21 10:23 |
2011-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301330
|
- |
|
apple
|
itunes
|
Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0192
|
2024-11-21 10:23 |
2011-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
