|
299641
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialize…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2011-1963
|
2024-11-21 10:27 |
2011-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299642
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted w…
|
CWE-20
Improper Input Validation
|
CVE-2011-1962
|
2024-11-21 10:27 |
2011-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299643
|
- |
|
microsoft
|
internet_explorer
|
The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to execute arbitrary programs via a crafted web site,…
|
NVD-CWE-noinfo
|
CVE-2011-1961
|
2024-11-21 10:27 |
2011-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299644
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified …
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2011-1960
|
2024-11-21 10:27 |
2011-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299645
|
- |
|
microsoft
|
windows_server_2008
windows_7
windows_vista
|
Tcpip.sys in the TCP/IP stack in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (reboot) via a s…
|
CWE-399
Resource Management Errors
|
CVE-2011-1871
|
2024-11-21 10:27 |
2011-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299646
|
- |
|
redhat
|
libvirt
|
The virSecurityManagerGetPrivateData function in security/security_manager.c in libvirt 0.8.8 through 0.9.1 uses the wrong argument for a sizeof call, which causes incorrect processing of "security m…
|
NVD-CWE-Other
|
CVE-2011-2178
|
2024-11-21 10:27 |
2011-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299647
|
- |
|
novell
|
mobility_pack
data_synchronizer
|
The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to conduct c…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2224
|
2024-11-21 10:27 |
2011-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299648
|
- |
|
novell
|
mobility_pack
data_synchronizer
|
The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 sends the Admin LDAP password in cleartext, which allows remote attackers to obtain sensitive information by sniff…
|
CWE-310
Cryptographic Issues
|
CVE-2011-2223
|
2024-11-21 10:27 |
2011-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299649
|
- |
|
novell
|
mobility_pack
data_synchronizer
|
Session fixation vulnerability in WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to hijack web sessions via unspecified vecto…
|
NVD-CWE-Other
|
CVE-2011-2222
|
2024-11-21 10:27 |
2011-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299650
|
- |
|
novell
|
mobility_pack
data_synchronizer
|
The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to bypass WebAdmin authentication and obtain sensitive GroupWise information via unspecifi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2221
|
2024-11-21 10:27 |
2011-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
