|
293031
|
- |
|
psyced
|
psyced
|
psyced before 20120821 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted.
|
CWE-20
Improper Input Validation
|
CVE-2012-4671
|
2024-11-21 10:43 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293032
|
- |
|
tigase
|
tigase_xmpp_server
|
Tigase XMPP Server before 5.1.0 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a (1) Verify Response or (2) Author…
|
CWE-20
Improper Input Validation
|
CVE-2012-4670
|
2024-11-21 10:43 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293033
|
- |
|
isode
|
m-link
|
M-Link R14.6 before R14.6v14 and R15.1 before R15.1v10 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses fo…
|
CWE-20
Improper Input Validation
|
CVE-2012-4669
|
2024-11-21 10:43 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293034
|
- |
|
roundcube
|
webmail
|
Cross-site scripting (XSS) vulnerability in Roundcube Webmail 0.8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the signature in an email.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4668
|
2024-11-21 10:43 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293035
|
- |
|
darold
|
squidclamav
|
Multiple cross-site scripting (XSS) vulnerabilities in SquidClamav 5.x before 5.8 allow remote attackers to inject arbitrary web script or HTML via the (1) url, (2) virus, (3) source, or (4) user par…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4667
|
2024-11-21 10:43 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293036
|
- |
|
websense
|
websense_email_security
|
The default configuration of the SMTP component in Websense Email Security 6.1 through 7.3 enables weak SSL ciphers in the "SurfControl plc\SuperScout Email Filter\SMTP" registry key, which makes it …
|
CWE-200
Information Exposure
|
CVE-2012-4605
|
2024-11-21 10:43 |
2012-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293037
|
- |
|
websense
|
websense_web_security
|
The TRITON management console in Websense Web Security before 7.6 Hotfix 24 allows remote attackers to bypass authentication and read arbitrary reports via a crafted uid field, in conjunction with a …
|
CWE-287
Improper Authentication
|
CVE-2012-4604
|
2024-11-21 10:43 |
2012-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293038
|
- |
|
mcafee
|
smartfilter_administration
|
McAfee SmartFilter Administration, and SmartFilter Administration Bess Edition, before 4.2.1.01 does not require authentication for access to the JBoss Remote Method Invocation (RMI) interface, which…
|
CWE-287
Improper Authentication
|
CVE-2012-4599
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293039
|
- |
|
mcafee
|
mcafee_virtual_technician
epo_mcafee_virtual_technician
|
An unspecified ActiveX control in McAfee Virtual Technician (MVT) before 6.4, and ePO-MVT, allows remote attackers to execute arbitrary code or cause a denial of service (Internet Explorer crash) via…
|
NVD-CWE-noinfo
|
CVE-2012-4598
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293040
|
- |
|
mcafee
|
email_and_web_security
email_gateway
|
Cross-site scripting (XSS) vulnerability in McAfee Email and Web Security (EWS) 5.5 through Patch 6 and 5.6 through Patch 3, and McAfee Email Gateway (MEG) 7.0.0 and 7.0.1, allows remote attackers to…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4597
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
