|
298851
|
- |
|
finaldraft
|
finaldraft
|
Stack-based buffer overflow in Final Draft 8 before 8.02 allows remote attackers to execute arbitrary code via a crafted SmartType element, a different vulnerability than CVE-2011-5002. NOTE: the pr…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-5059
|
2024-11-21 10:33 |
2012-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298852
|
- |
|
3ssoftware
|
codesys
|
The CmbWebserver.dll module of the Control service in 3S CoDeSys 3.4 SP4 Patch 2 allows remote attackers to create arbitrary directories under the web root by specifying a non-existent directory usin…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5058
|
2024-11-21 10:33 |
2012-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298853
|
- |
|
apache
|
struts
|
Apache Struts 2.3.1.2 and earlier, 2.3.19-2.3.23, provides interfaces that do not properly restrict access to collections such as the session and request collections, which might allow remote attacke…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5057
|
2024-11-21 10:33 |
2012-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298854
|
- |
|
maradns
|
maradns
|
The authoritative server in MaraDNS through 2.0.04 computes hash values for DNS data without restricting the ability to trigger hash collisions predictably, which might allow local users to cause a d…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2011-5056
|
2024-11-21 10:33 |
2012-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298855
|
- |
|
maradns
|
maradns
|
MaraDNS 1.3.07.12 and 1.4.08 computes hash values for DNS data without properly restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of serv…
|
CWE-20
Improper Input Validation
|
CVE-2011-5055
|
2024-11-21 10:33 |
2012-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298856
|
- |
|
invensys
|
wonderware_inbatch
|
Multiple buffer overflows in the (1) GUIControls, (2) BatchObjSrv, and (3) BatchSecCtrl ActiveX controls in Invensys Wonderware InBatch 9.0 and 9.0 SP1, and InBatch 8.1 SP1, 9.0 SP2, and 9.5 Server a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4870
|
2024-11-21 10:33 |
2012-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298857
|
- |
|
kde
|
kcheckpass
|
kcheckpass passes a user-supplied argument to the pam_start function, often within a setuid environment, which allows local users to invoke any configured PAM stack, and possibly trigger unintended s…
|
CWE-287
Improper Authentication
|
CVE-2011-5054
|
2024-11-21 10:33 |
2012-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298858
|
- |
|
wi-fi
|
wifi_protected_setup_protocol
|
The Wi-Fi Protected Setup (WPS) protocol, when the "external registrar" authentication method is used, does not properly inform clients about failed PIN authentication, which makes it easier for remo…
|
CWE-287
Improper Authentication
|
CVE-2011-5053
|
2024-11-21 10:33 |
2012-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298859
|
- |
|
apache
|
tomcat
|
Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows rem…
|
CWE-399
Resource Management Errors
|
CVE-2011-4858
|
2024-11-21 10:33 |
2012-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298860
|
- |
|
textpattern
|
textpattern
|
Cross-site scripting (XSS) vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via th…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5019
|
2024-11-21 10:33 |
2012-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
