|
301611
|
- |
|
arora-browser
|
arora
|
Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certifica…
|
CWE-20
Improper Input Validation
|
CVE-2011-3367
|
2024-11-21 10:30 |
2011-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301612
|
- |
|
adjam
|
rekonq
|
Rekonq 0.7.0 and earlier does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text.
|
CWE-20
Improper Input Validation
|
CVE-2011-3366
|
2024-11-21 10:30 |
2011-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301613
|
- |
|
kde
|
kde_sc
|
The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote at…
|
CWE-20
Improper Input Validation
|
CVE-2011-3365
|
2024-11-21 10:30 |
2011-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301614
|
- |
|
phpmyadmin
|
phpmyadmin
|
phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to obtain sensitive information via an array-typed js_frame parameter to phpmyadmin.css.php, which reveals the installation…
|
CWE-20
Improper Input Validation
|
CVE-2011-3646
|
2024-11-21 10:30 |
2011-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301615
|
- |
|
clamav
|
clamav
|
The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (crash) via vectors related to "recursion level" and (1) libclamav/bytecode.c and (2) libclamav/byteco…
|
CWE-189
Numeric Errors
|
CVE-2011-3627
|
2024-11-21 10:30 |
2011-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301616
|
- |
|
xelerance
|
openswan
|
Openswan 2.6.29 through 2.6.35 allows remote attackers to cause a denial of service (NULL pointer dereference and pluto IKE daemon crash) via an ISAKMP message with an invalid KEY_LENGTH attribute, w…
|
NVD-CWE-Other
|
CVE-2011-3380
|
2024-11-21 10:30 |
2011-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301617
|
- |
|
apache
|
tomcat
|
org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-3376
|
2024-11-21 10:30 |
2011-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301618
|
- |
|
apple
|
iphone_os
|
The kernel in Apple iOS before 5.0.1 does not ensure the validity of flag combinations for an mmap system call, which allows local users to execute arbitrary unsigned code via a crafted app.
|
CWE-399
Resource Management Errors
|
CVE-2011-3442
|
2024-11-21 10:30 |
2011-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301619
|
- |
|
apple
|
iphone_os
|
libinfo in Apple iOS before 5.0.1 does not properly formulate domain-name queries, which allows remote attackers to obtain sensitive information via a crafted DNS hostname.
|
CWE-200
Information Exposure
|
CVE-2011-3441
|
2024-11-21 10:30 |
2011-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301620
|
- |
|
apple
|
iphone_os
ipad2
|
The Passcode Lock feature in Apple iOS before 5.0.1 on the iPad 2 does not properly implement the locked state, which allows physically proximate attackers to access data by opening a Smart Cover dur…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-3440
|
2024-11-21 10:30 |
2011-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
