|
301801
|
- |
|
ibm
|
lotus_domino
|
Stack-based buffer overflow in the SMTP service in IBM Lotus Domino allows remote attackers to execute arbitrary code via long arguments in a filename parameter in a malformed MIME e-mail message, ak…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0916
|
2024-11-21 10:25 |
2011-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301802
|
- |
|
ibm
|
lotus_domino
|
Stack-based buffer overflow in nrouter.exe in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a long name parameter in a Content-Type header in a malformed Notes c…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0915
|
2024-11-21 10:25 |
2011-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301803
|
- |
|
ibm
|
lotus_domino
|
Integer signedness error in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP client request, leading …
|
CWE-189
Numeric Errors
|
CVE-2011-0914
|
2024-11-21 10:25 |
2011-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301804
|
- |
|
ibm
|
lotus_domino
|
Stack-based buffer overflow in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP getEnvironmentString …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0913
|
2024-11-21 10:25 |
2011-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301805
|
- |
|
ibm
|
lotus_notes
|
Argument injection vulnerability in IBM Lotus Notes 8.0.x before 8.0.2 FP6 and 8.5.x before 8.5.1 FP5 allows remote attackers to execute arbitrary code via a cai:// URL containing a --launcher.librar…
|
CWE-20
Improper Input Validation
|
CVE-2011-0912
|
2024-11-21 10:25 |
2011-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301806
|
- |
|
zikula
|
zikula_application_framework
|
Cross-site scripting (XSS) vulnerability in the Users module in Zikula before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: it is possible that …
|
CWE-79
Cross-site Scripting
|
CVE-2011-0911
|
2024-11-21 10:25 |
2011-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301807
|
- |
|
smc_networks
|
smcd3g-ccr
smcd3g-ccr_firmware
|
The web management portal on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware before 1.4.0.49.2 uses predictable session IDs based on time values, which makes it easier for remote atta…
|
CWE-310
Cryptographic Issues
|
CVE-2011-0887
|
2024-11-21 10:25 |
2011-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301808
|
- |
|
smc_networks
|
smcd3g-ccr
smcd3g-ccr_firmware
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware before 1.4.0.49.2 allow remote attackers to (1) hija…
|
CWE-352
Origin Validation Error
|
CVE-2011-0886
|
2024-11-21 10:25 |
2011-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301809
|
- |
|
smc_networks
|
smcd3g-ccr
smcd3g-ccr_firmware
|
A certain Comcast Business Gateway configuration of the SMC SMCD3G-CCR with firmware before 1.4.0.49.2 has a default password of D0nt4g3tme for the mso account, which makes it easier for remote attac…
|
CWE-255
Credentials Management
|
CVE-2011-0885
|
2024-11-21 10:25 |
2011-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301810
|
- |
|
vanillaforums
|
vanilla
|
The cookie implementation in Vanilla Forums before 2.0.17.6 makes it easier for remote attackers to spoof signed requests, and consequently obtain access to arbitrary user accounts, via HMAC timing a…
|
NVD-CWE-Other
|
CVE-2011-0910
|
2024-11-21 10:25 |
2011-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
