|
298681
|
- |
|
microsoft
|
lync
office_communicator
internet_explorer
|
The toStaticHTML API (aka the SafeHTML component) in Microsoft Internet Explorer 8 and 9, Communicator 2007 R2, and Lync 2010 and 2010 Attendee does not properly handle event attributes and script, w…
|
CWE-200
Information Exposure
|
CVE-2012-1858
|
2024-11-21 10:37 |
2012-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298682
|
- |
|
microsoft
|
dynamics_ax
|
Cross-site scripting (XSS) vulnerability in the Enterprise Portal component in Microsoft Dynamics AX 2012 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Dynami…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1857
|
2024-11-21 10:37 |
2012-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298683
|
- |
|
microsoft
|
.net_framework
|
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly handle function pointers, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application…
|
CWE-94
Code Injection
|
CVE-2012-1855
|
2024-11-21 10:37 |
2012-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298684
|
- |
|
microsoft
|
lync
|
Untrusted search path vulnerability in Microsoft Lync 2010, 2010 Attendee, and 2010 Attendant allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonst…
|
NVD-CWE-Other
|
CVE-2012-1849
|
2024-11-21 10:37 |
2012-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298685
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Center Element Remote C…
|
CWE-94
Code Injection
|
CVE-2012-1523
|
2024-11-21 10:37 |
2012-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298686
|
- |
|
forescout
|
counteract
|
Multiple cross-site scripting (XSS) vulnerabilities in the status program on the ForeScout CounterACT appliance with software 6.3.3.2 through 6.3.4.10 allow remote attackers to inject arbitrary web s…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1825
|
2024-11-21 10:37 |
2012-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298687
|
- |
|
emerson
|
deltav
deltav_workstation
deltav_proessentials_scientific_graph
|
An unspecified ActiveX control in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to overwrite arbitra…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1818
|
2024-11-21 10:37 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298688
|
- |
|
emerson
|
deltav
deltav_workstation
deltav_proessentials_scientific_graph
|
Buffer overflow in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows user-assisted remote attackers to execute arbitrary …
|
CWE-20
Improper Input Validation
|
CVE-2012-1817
|
2024-11-21 10:37 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298689
|
- |
|
emerson
|
deltav
deltav_workstation
deltav_proessentials_scientific_graph
|
PORTSERV.exe in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to cause a denial of service (daemon c…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-1816
|
2024-11-21 10:37 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298690
|
- |
|
emerson
|
deltav
deltav_workstation
deltav_proessentials_scientific_graph
|
SQL injection vulnerability in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to execute arbitrary SQ…
|
CWE-89
SQL Injection
|
CVE-2012-1815
|
2024-11-21 10:37 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
