|
299761
|
- |
|
mozilla
|
bugzilla
|
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2rc1 allows remote attackers to hijack the authentication of arbitrary users for requests that…
|
CWE-352
Origin Validation Error
|
CVE-2011-3669
|
2024-11-21 10:30 |
2012-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299762
|
- |
|
mozilla
|
bugzilla
|
Cross-site request forgery (CSRF) vulnerability in post_bug.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2rc1 allows remote attackers to hijack the authentication of arbitrary users for requests that c…
|
CWE-352
Origin Validation Error
|
CVE-2011-3668
|
2024-11-21 10:30 |
2012-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299763
|
- |
|
mozilla
|
bugzilla
|
The User.offer_account_by_email WebService method in Bugzilla 2.x and 3.x before 3.4.13, 3.5.x and 3.6.x before 3.6.7, 3.7.x and 4.0.x before 4.0.3, and 4.1.x through 4.1.3, when createemailregexp is…
|
CWE-287
Improper Authentication
|
CVE-2011-3667
|
2024-11-21 10:30 |
2012-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299764
|
- |
|
mozilla
|
bugzilla
|
Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.x and 3.x before 3.4.13, 3.5.x and 3.6.x before 3.6.7, 3.7.x and 4.0.x before 4.0.3, and 4.1.x through 4.1.3, when debug mode is used…
|
CWE-79
Cross-site Scripting
|
CVE-2011-3657
|
2024-11-21 10:30 |
2012-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299765
|
- |
|
microsoft
|
windows_server_2008
windows_xp
windows_7
windows_server_2003
windows_vista
|
The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0, when sliding expiry is enabled, does not properly handle cached conten…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-3417
|
2024-11-21 10:30 |
2011-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299766
|
- |
|
microsoft
|
windows_server_2008
windows_xp
windows_7
windows_server_2003
windows_vista
|
The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user ac…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-3416
|
2024-11-21 10:30 |
2011-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299767
|
- |
|
microsoft
|
windows_server_2008
windows_xp
windows_7
windows_server_2003
windows_vista
|
Open redirect vulnerability in the Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote attackers to redirect users to arbi…
|
CWE-20
Improper Input Validation
|
CVE-2011-3415
|
2024-11-21 10:30 |
2011-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299768
|
- |
|
microsoft
|
windows_server_2008
windows_xp
windows_7
windows_server_2003
windows_vista
|
The CaseInsensitiveHashProvider.getHashCode function in the HashTable implementation in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 computes hash value…
|
CWE-399
Resource Management Errors
|
CVE-2011-3414
|
2024-11-21 10:30 |
2011-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299769
|
- |
|
rpm
|
rpm
|
RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via an rpm package with crafted headers …
|
CWE-94
Code Injection
|
CVE-2011-3378
|
2024-11-21 10:30 |
2011-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299770
|
- |
|
cyrus
|
imapd
|
imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO…
|
CWE-287
Improper Authentication
|
CVE-2011-3372
|
2024-11-21 10:30 |
2011-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
