|
298601
|
- |
|
redhat
|
resteasy
|
The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Bi…
|
CWE-200
Information Exposure
|
CVE-2011-5245
|
2024-11-21 10:33 |
2012-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298602
|
- |
|
tetex
gnome
t1lib
|
tetex
evince
t1lib
|
Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote at…
|
CWE-189
Numeric Errors
|
CVE-2011-5244
|
2024-11-21 10:33 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298603
|
- |
|
abraham_williams
|
twitteroauth
|
TwitterOAuth does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attacker…
|
CWE-20
Improper Input Validation
|
CVE-2011-5243
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298604
|
- |
|
themattharris
|
tmhoauth
|
tmhOAuth before 0.61 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle …
|
CWE-20
Improper Input Validation
|
CVE-2011-5242
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298605
|
- |
|
services_twitter_group
|
services_twitter
|
Services_Twitter 0.6.3 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middl…
|
CWE-20
Improper Input Validation
|
CVE-2011-5241
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298606
|
- |
|
magentocommerce
|
magento
|
Magento 1.5 and 1.6.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle…
|
CWE-20
Improper Input Validation
|
CVE-2011-5240
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298607
|
- |
|
civicrm
|
civicrm
|
CiviCRM 4.0.5 and 4.1.1 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-midd…
|
CWE-20
Improper Input Validation
|
CVE-2011-5239
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298608
|
- |
|
google
|
checkout-php
|
google-checkout-php-sample-code before 1.3.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which a…
|
CWE-20
Improper Input Validation
|
CVE-2011-5238
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298609
|
- |
|
paypal
|
wps_toolkit
|
PayPal WPS ToolKit does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle at…
|
CWE-20
Improper Input Validation
|
CVE-2011-5237
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298610
|
- |
|
moneris
|
eselect_plus
|
Moneris eSelectPlus 2.03 PHP API does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in…
|
CWE-20
Improper Input Validation
|
CVE-2011-5236
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
