|
301901
|
- |
|
apple
|
safari
|
WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to read arbitrary files via a crafted web site.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3690
|
2024-11-21 10:41 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301902
|
- |
|
apple
|
safari
|
WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site.
|
CWE-20
Improper Input Validation
|
CVE-2012-3689
|
2024-11-21 10:41 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301903
|
- |
|
apple
|
safari
|
WebKit in Apple Safari before 6.0 accesses uninitialized memory locations during the rendering of SVG images, which allows remote attackers to obtain sensitive information from process memory via a c…
|
CWE-200
Information Exposure
|
CVE-2012-3650
|
2024-11-21 10:41 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301904
|
- |
|
isc
debian
canonical
|
dhcp
debian_linux
ubuntu_linux
|
Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.
|
CWE-399
Resource Management Errors
|
CVE-2012-3954
|
2024-11-21 10:41 |
2012-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301905
|
- |
|
isc
|
bind
|
Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of …
|
CWE-362
Race Condition
|
CVE-2012-3868
|
2024-11-21 10:41 |
2012-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301906
|
- |
|
isc
|
bind
|
ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initializ…
|
CWE-20
Improper Input Validation
|
CVE-2012-3817
|
2024-11-21 10:41 |
2012-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301907
|
- |
|
isc
canonical
debian
|
dhcp
ubuntu_linux
debian_linux
|
ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3571
|
2024-11-21 10:41 |
2012-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301908
|
- |
|
isc
|
dhcp
|
Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service (segmentation fault and daemon exit) via a crafted client identifi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3570
|
2024-11-21 10:41 |
2012-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301909
|
- |
|
adrian_chadd
|
rtg
rtg2
|
Multiple SQL injection vulnerabilities in RTG 0.7.4 and RTG2 0.9.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) 95.php, (2) view.php, or (3) rtg.php.
|
CWE-89
SQL Injection
|
CVE-2012-3881
|
2024-11-21 10:41 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301910
|
- |
|
kajona
|
kajona
|
Multiple cross-site scripting (XSS) vulnerabilities in the getAllPassedParams function in system/functions.php in Kajona before 3.4.2 allow remote attackers to inject arbitrary web script or HTML via…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3805
|
2024-11-21 10:41 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
