|
301741
|
- |
|
ffmpeg
mplayerhq
mandriva
|
ffmpeg
mplayer
corporate_server
enterprise_server
linux
|
Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mand…
|
NVD-CWE-noinfo
|
CVE-2011-2162
|
2024-11-21 10:27 |
2011-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301742
|
- |
|
ffmpeg
|
ffmpeg
|
The ape_read_header function in ape.c in libavformat in FFmpeg before 0.5.4, as used in MPlayer, VideoLAN VLC media player, and other products, allows remote attackers to cause a denial of service (a…
|
CWE-399
Resource Management Errors
|
CVE-2011-2161
|
2024-11-21 10:27 |
2011-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301743
|
- |
|
ffmpeg
mplayerhq
|
ffmpeg
mplayer
|
The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact …
|
CWE-20
Improper Input Validation
|
CVE-2011-2160
|
2024-11-21 10:27 |
2011-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301744
|
- |
|
smartertools
|
smarterstats
|
The SmarterTools SmarterStats 6.0 web server sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretati…
|
NVD-CWE-Other
|
CVE-2011-2158
|
2024-11-21 10:27 |
2011-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301745
|
- |
|
smartertools
|
smarterstats
|
The (1) Admin/frmEmailReportSettings.aspx and (2) Admin/frmGeneralSettings.aspx components in the SmarterTools SmarterStats 6.0 web server generate web pages containing e-mail addresses, which allows…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2157
|
2024-11-21 10:27 |
2011-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301746
|
- |
|
smartertools
|
smarterstats
|
The SmarterTools SmarterStats 6.0 web server omits the Content-Type header for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conf…
|
NVD-CWE-Other
|
CVE-2011-2159
|
2024-11-21 10:27 |
2011-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301747
|
- |
|
smartertools
|
smarterstats
|
The SmarterTools SmarterStats 6.0 web server allows remote attackers to obtain directory listings via a direct request for the (1) Admin/, (2) Admin/Defaults/, (3) Admin/GettingStarted/, (4) Admin/Po…
|
CWE-200
Information Exposure
|
CVE-2011-2156
|
2024-11-21 10:27 |
2011-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301748
|
- |
|
smartertools
|
smarterstats
|
Login.aspx in the SmarterTools SmarterStats 6.0 web server generates a ctl00$MPH$txtPassword password form field without disabling the autocomplete feature, which makes it easier for remote attackers…
|
CWE-287
Improper Authentication
|
CVE-2011-2155
|
2024-11-21 10:27 |
2011-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301749
|
- |
|
smartertools
|
smarterstats
|
login.aspx in the SmarterTools SmarterStats 6.0 web server does not include the HTTPOnly flag in a Set-Cookie header for the loginsettings cookie, which makes it easier for remote attackers to obtain…
|
CWE-200
Information Exposure
|
CVE-2011-2154
|
2024-11-21 10:27 |
2011-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301750
|
- |
|
smartertools
|
smarterstats
|
Login.aspx in the SmarterTools SmarterStats 6.0 web server supports URLs containing txtUser and txtPass parameters in the query string, which makes it easier for context-dependent attackers to discov…
|
CWE-200
Information Exposure
|
CVE-2011-2153
|
2024-11-21 10:27 |
2011-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
