|
302391
|
- |
|
canonical
gnome
|
ubuntu_linux
update-manager-core
|
DistUpgrade/DistUpgradeMain.py in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uses weak permissions for (1) apt-clone_system_state.tar.gz and (2) system_state.tar.gz, which allows …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0948
|
2024-11-21 10:36 |
2012-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302392
|
- |
|
mit
|
kerberos_5
|
The check_1_6_dummy function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x, and 1.10.x before 1.10.2 allows remote authenticated administrators to cause a deni…
|
NVD-CWE-Other
|
CVE-2012-1013
|
2024-11-21 10:36 |
2012-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302393
|
- |
|
mit
|
kerberos_5
|
server/server_stubs.c in the kadmin protocol implementation in MIT Kerberos 5 (aka krb5) 1.10 before 1.10.1 does not properly restrict access to (1) SET_STRING and (2) GET_STRINGS operations, which m…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1012
|
2024-11-21 10:36 |
2012-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302394
|
- |
|
sony
|
vaio_easy_connect
smartwi_connection_utillity
vaio_wireless_wizard
vaio_pc_wireless_lan_wizard
|
Multiple buffer overflows in the Wireless Manager ActiveX control 4.0.0.0 in WifiMan.dll in Sony VAIO PC Wireless LAN Wizard 1.0; VAIO Wireless Wizard 1.00, 1.00_64, 1.0.1, 2.0, and 3.0; SmartWi Conn…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-0985
|
2024-11-21 10:36 |
2012-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302395
|
5.5 |
MEDIUM
Local
|
imagemagick
debian
canonical
opensuse
|
imagemagick
debian_linux
ubuntu_linux
opensuse
|
Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in …
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2012-1186
|
2024-11-21 10:36 |
2012-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302396
|
7.8 |
HIGH
Local
|
imagemagick
debian
canonical
opensuse
|
imagemagick
debian_linux
ubuntu_linux
opensuse
|
Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execu…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2012-1185
|
2024-11-21 10:36 |
2012-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302397
|
- |
|
libtiff
|
libtiff
|
Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTile…
|
CWE-189
Numeric Errors
|
CVE-2012-1173
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302398
|
- |
|
sebastian_heinlein
canonical
|
aptdaemon
ubuntu_linux
|
Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does not authenticate packages when the transaction is not simulated, which allows remote attackers to install arbitrary packages via …
|
CWE-287
Improper Authentication
|
CVE-2012-0944
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302399
|
- |
|
segue_project
|
segue
|
SQL injection vulnerability in Segue 2.2.10.2 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2012-1255
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302400
|
- |
|
segue_project
|
segue
|
Cross-site scripting (XSS) vulnerability in Segue 2.2.10.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1254
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
