|
308001
|
- |
|
sco
|
scoofficeserver
|
The STARTTLS implementation in SCO SCOoffice Server does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cle…
|
NVD-CWE-Other
|
CVE-2011-1432
|
2024-11-21 10:26 |
2011-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308002
|
- |
|
frederik_vermeulen
|
netqmail
|
The STARTTLS implementation in qmail-smtpd.c in qmail-smtpd in the netqmail-1.06-tls patch for netqmail 1.06 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to inse…
|
NVD-CWE-Other
|
CVE-2011-1431
|
2024-11-21 10:26 |
2011-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308003
|
- |
|
ipswitch
|
imail
|
The STARTTLS implementation in the server in Ipswitch IMail 11.03 and earlier does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP…
|
CWE-20
Improper Input Validation
|
CVE-2011-1430
|
2024-11-21 10:26 |
2011-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308004
|
- |
|
mutt
|
mutt
|
Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL SMTP server via an arbitra…
|
CWE-20
Improper Input Validation
|
CVE-2011-1429
|
2024-11-21 10:26 |
2011-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308005
|
- |
|
flashtux
|
weechat
|
Wee Enhanced Environment for Chat (aka WeeChat) 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in…
|
CWE-20
Improper Input Validation
|
CVE-2011-1428
|
2024-11-21 10:26 |
2011-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308006
|
- |
|
kodak
|
insite
|
Multiple cross-site scripting (XSS) vulnerabilities in Kodak InSite 5.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Language parameter to Pages/login.aspx, (2) HeaderW…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1427
|
2024-11-21 10:26 |
2011-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308007
|
- |
|
apache
|
tomcat
|
Apache Tomcat 7.x before 7.0.11, when web.xml has no security constraints, does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP r…
|
NVD-CWE-Other
|
CVE-2011-1419
|
2024-11-21 10:26 |
2011-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308008
|
- |
|
apple
|
iphone_os
apple_tv
tvos
|
The stateless address autoconfiguration (aka SLAAC) functionality in the IPv6 networking implementation in Apple iOS before 4.3 and Apple TV before 4.2 places the MAC address into the IPv6 address, w…
|
CWE-200
Information Exposure
|
CVE-2011-1418
|
2024-11-21 10:26 |
2011-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308009
|
- |
|
apple
|
mac_os_x_server
mac_os_x
iphone_os
|
Integer overflow in QuickLook, as used in Apple Mac OS X before 10.6.7 and MobileSafari in Apple iOS before 4.2.7 and 4.3.x before 4.3.2, allows remote attackers to execute arbitrary code or cause a …
|
CWE-189
Numeric Errors
|
CVE-2011-1417
|
2024-11-21 10:26 |
2011-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308010
|
- |
|
rim
|
blackberry_torch_9800_firmware
blackberry_torch_9800
|
The Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246 allows attackers to read the contents of memory locations via unknown vectors, as demonstrated by Vincenzo Iozzo, Willem Pin…
|
CWE-200
Information Exposure
|
CVE-2011-1416
|
2024-11-21 10:26 |
2011-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
