| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2011-4213 |
264 |
|
Exec Code Bypass |
2011-10-30 |
2012-04-19 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The sandbox environment in the Google App Engine Python SDK before 1.5.4 does not properly prevent use of the os module, which allows local users to bypass intended access restrictions and execute arbitrary commands via a file_blob_storage.os reference within the code parameter to _ah/admin/interactive/execute, a different vulnerability than CVE-2011-1364. |
|
2 |
CVE-2011-4212 |
264 |
|
Exec Code Bypass |
2011-10-30 |
2011-10-31 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The sandbox environment in the Google App Engine Python SDK before 1.5.4 does not properly prevent os.popen calls, which allows local users to bypass intended access restrictions and execute arbitrary commands via a dev_appserver.RestrictedPathFunction._original_os reference within the code parameter to _ah/admin/interactive/execute, a different vulnerability than CVE-2011-1364. |
|
3 |
CVE-2011-4211 |
264 |
|
Exec Code Bypass |
2011-10-30 |
2011-10-31 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The FakeFile implementation in the sandbox environment in the Google App Engine Python SDK before 1.5.4 does not properly control the opening of files, which allows local users to bypass intended access restrictions and create arbitrary files via ALLOWED_MODES and ALLOWED_DIRS changes within the code parameter to _ah/admin/interactive/execute, a different vulnerability than CVE-2011-1364. |
|
4 |
CVE-2011-4173 |
352 |
|
CSRF |
2011-10-24 |
2011-10-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site request forgery (CSRF) vulnerability in Simple Machines Forum (SMF) 2.x before 2.0.1 allows remote attackers to hijack the authentication of administrators or moderators via vectors involving image files, a different vulnerability than CVE-2011-3615. NOTE: some of these details are obtained from third party information. |
|
5 |
CVE-2011-4172 |
79 |
|
XSS |
2011-10-24 |
2011-10-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in KENT-WEB WEB FORUM before 5.1 allow remote attackers to inject arbitrary web script or HTML via (1) an e-mail address field or (2) a cookie, a related issue to CVE-2011-3383, CVE-2011-3983, and CVE-2011-3984. |
|
6 |
CVE-2011-4171 |
79 |
|
XSS |
2011-10-24 |
2011-10-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in content/error.jsp in IBM WebSphere ILOG Rule Team Server 7.1.1 allows remote attackers to inject arbitrary web script or HTML via the project parameter to teamserver/faces/home.jsp. |
|
7 |
CVE-2011-4170 |
79 |
|
XSS |
2011-10-23 |
2012-05-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the theme_adium_append_message function in empathy-theme-adium.c in the Adium theme in libempathy-gtk in Empathy 3.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted alias (aka nickname) in a /me event, a different vulnerability than CVE-2011-3635. |
|
8 |
CVE-2011-4151 |
20 |
|
DoS |
2011-10-20 |
2012-01-18 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The krb5_db2_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4, when the db2 (aka Berkeley DB) back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, a different vulnerability than CVE-2011-1528. |
|
9 |
CVE-2011-4140 |
352 |
|
CSRF |
2011-10-19 |
2011-10-19 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The CSRF protection mechanism in Django through 1.2.7 and 1.3.x through 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote attackers to trigger unauthenticated forged requests via vectors involving a DNS CNAME record and a web page containing JavaScript code. |
|
10 |
CVE-2011-4139 |
20 |
|
|
2011-10-19 |
2011-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Django before 1.2.7 and 1.3.x before 1.3.1 uses a request's HTTP Host header to construct a full URL in certain circumstances, which allows remote attackers to conduct cache poisoning attacks via a crafted request. |
|
11 |
CVE-2011-4138 |
20 |
|
|
2011-10-19 |
2011-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The verify_exists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 originally tests a URL's validity through a HEAD request, but then uses a GET request for the new target URL in the case of a redirect, which might allow remote attackers to trigger arbitrary GET requests with an unintended source IP address via a crafted Location header. |
|
12 |
CVE-2011-4137 |
399 |
|
DoS |
2011-10-19 |
2011-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The verify_exists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 relies on Python libraries that attempt access to an arbitrary URL with no timeout, which allows remote attackers to cause a denial of service (resource consumption) via a URL associated with (1) a slow response, (2) a completed TCP connection with no application data sent, or (3) a large amount of application data, a related issue to CVE-2011-1521. |
|
13 |
CVE-2011-4136 |
20 |
|
|
2011-10-19 |
2011-10-19 |
5.8 |
None |
Remote |
Medium |
Not required |
None |
Partial |
Partial |
|
django.contrib.sessions in Django before 1.2.7 and 1.3.x before 1.3.1, when session data is stored in the cache, uses the root namespace for both session identifiers and application-data keys, which allows remote attackers to modify a session by triggering use of a key that is equal to that session's identifier. |
|
14 |
CVE-2011-4079 |
189 |
|
DoS Overflow |
2011-10-27 |
2012-02-16 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
|
Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier allows remote attackers to cause a denial of service (slapd crash) via a zero-length string that triggers a heap-based buffer overflow, as demonstrated using an empty postalAddressAttribute value in an LDIF entry. |
|
15 |
CVE-2011-4063 |
20 |
|
DoS |
2011-10-21 |
2012-02-13 |
6.8 |
None |
Remote |
Low |
Single system |
None |
None |
Complete |
|
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.7.1 and 10.x before 10.0.0-rc1 does not properly initialize variables during request parsing, which allows remote authenticated users to cause a denial of service (daemon crash) via a malformed request. |
|
16 |
CVE-2011-4062 |
119 |
1
|
DoS Overflow +Priv |
2011-10-17 |
2011-12-12 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the kernel in FreeBSD 7.3 through 9.0-RC1 allows local users to cause a denial of service (panic) or possibly gain privileges via a bind system call with a long pathname for a UNIX socket. |
|
17 |
CVE-2011-4061 |
|
|
+Priv |
2011-10-17 |
2012-02-13 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) kbbacf1 in IBM DB2 Express Edition 9.7, as used in the IBM Tivoli Monitoring for Databases: DB2 Agent, allow local users to gain privileges via a Trojan horse libkbb.so in the current working directory, related to the DT_RPATH ELF header. |
|
18 |
CVE-2011-4060 |
59 |
|
|
2011-10-17 |
2012-02-13 |
3.3 |
None |
Local |
Medium |
Not required |
None |
Partial |
Partial |
|
The runtime linker in QNX Neutrino RTOS 6.5.0 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environment variables when a program is spawned from a setuid program, which allows local users to overwrite files via a symlink attack. |
|
19 |
CVE-2011-4030 |
264 |
|
|
2011-10-10 |
2011-10-29 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The CMFEditions component 2.x in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2 does not prevent the KwAsAttributes classes from being publishable, which allows remote attackers to access sub-objects via unspecified vectors, a different vulnerability than CVE-2011-3587. |
|
20 |
CVE-2011-4026 |
89 |
1
|
Exec Code Sql |
2011-10-21 |
2012-05-14 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in thanks.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
|
21 |
CVE-2011-4024 |
79 |
1
|
XSS |
2011-10-21 |
2012-02-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in ocsinventory in OCS Inventory NG 2.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
|
22 |
CVE-2011-4004 |
119 |
|
Exec Code Overflow |
2011-10-27 |
2012-04-06 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the ATAS32 processing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file. |
|
23 |
CVE-2011-3988 |
89 |
|
Exec Code Sql |
2011-10-21 |
2012-05-14 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in data/class/SC_Query.php in EC-CUBE 2.11.0 through 2.11.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
|
24 |
CVE-2011-3984 |
79 |
|
XSS |
2011-10-24 |
2011-11-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in KENT-WEB WEB FORUM 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to "web form entries." |
|
25 |
CVE-2011-3983 |
79 |
|
XSS |
2011-10-24 |
2011-11-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in KENT-WEB WEB FORUM 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to cookies. |
|
26 |
CVE-2011-3982 |
399 |
|
DoS |
2011-10-04 |
2012-05-14 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
The Fibre Channel driver for QLogic adapters in IBM AIX 6.1 and 7.1 does not properly handle DMA resource limitations, which allows local users to cause a denial of service (system hang) via vectors that generate a large amount of DMA I/O, related to a deadlock in timer processing across CPUs. |
|
27 |
CVE-2011-3981 |
94 |
1
|
Exec Code File Inclusion |
2011-10-04 |
2012-05-14 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
PHP remote file inclusion vulnerability in actions.php in the Allwebmenus plugin 1.1.3 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter. |
|
28 |
CVE-2011-3980 |
|
|
|
2011-10-04 |
2012-05-14 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Unspecified vulnerability in the Drag Drop Mass Upload (ameos_dragndropupload) extension 2.0.2 and earlier for TYPO3 allows remote attackers to upload arbitrary files via unknown vectors. |
|
29 |
CVE-2011-3979 |
79 |
|
XSS |
2011-10-04 |
2012-02-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in ztemp/view_compiled/Theme/theme_admin_setasdefault.php in the theme module in Zikula Application Framework 1.3.0 build 3168, 1.2.7, and probably other versions allows remote attackers to inject arbitrary web script or HTML via the themename parameter in the setasdefault action to index.php. |
|
30 |
CVE-2011-3978 |
79 |
|
XSS |
2011-10-04 |
2012-02-13 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in LightNEasy.php in LightNEasy 3.2.4 allow remote authenticated users to inject arbitrary web script or HTML via the (1) commentemail, (2) commentmessage, or (3) commentname parameter in a sendcomment action for the news page. |
|
31 |
CVE-2011-3977 |
|
|
|
2011-10-04 |
2012-02-13 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in nxconfigure.sh in NoMachine NX Node 3.x before 3.5.0-4 and NX Server 3.x before 3.5.0-5 allows local users to read arbitrary files via unknown vectors. |
|
32 |
CVE-2011-3976 |
119 |
1
|
Exec Code Overflow |
2011-10-04 |
2012-05-14 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in AmmSoft ScriptFTP 3.3 allows remote FTP servers to execute arbitrary code via a long filename in a response to a LIST command, as demonstrated using (1) GETLIST or (2) GETFILE in a ScriptFTP script. |
|
33 |
CVE-2011-3975 |
200 |
|
+Info |
2011-10-03 |
2011-10-20 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
A certain HTC update for Android 2.3.4 build GRJ22, when the Sense interface is used on the HTC EVO 3D, EVO 4G, ThunderBolt, and unspecified other devices, provides the HtcLoggers.apk application, which allows user-assisted remote attackers to obtain a list of telephone numbers from a log, and other sensitive information, by leveraging the android.permission.INTERNET application permission and establishing TCP sessions to 127.0.0.1 on port 65511 and a second port. |
|
34 |
CVE-2011-3974 |
189 |
|
DoS |
2011-10-02 |
2012-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Integer signedness error in the decode_residual_inter function in cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video (aka CAVS) file, a different vulnerability than CVE-2011-3362. |
|
35 |
CVE-2011-3973 |
399 |
|
DoS |
2011-10-02 |
2012-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video (aka CAVS) file, related to the decode_residual_block, check_for_slice, and cavs_decode_frame functions, a different vulnerability than CVE-2011-3362. |
|
36 |
CVE-2011-3891 |
264 |
|
DoS |
2011-10-25 |
2012-11-06 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Google Chrome before 15.0.874.102 does not properly restrict access to internal Google V8 functions, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
|
37 |
CVE-2011-3890 |
399 |
|
DoS |
2011-10-25 |
2012-11-06 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to video source handling. |
|
38 |
CVE-2011-3889 |
119 |
|
DoS Overflow |
2011-10-25 |
2012-11-06 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Heap-based buffer overflow in the Web Audio implementation in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
|
39 |
CVE-2011-3888 |
399 |
|
DoS |
2011-10-25 |
2012-11-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing operations in conjunction with an unknown plug-in. |
|
40 |
CVE-2011-3887 |
264 |
|
Bypass |
2011-10-25 |
2012-11-06 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Google Chrome before 15.0.874.102 does not properly handle javascript: URLs, which allows remote attackers to bypass intended access restrictions and read cookies via unspecified vectors. |
|
41 |
CVE-2011-3886 |
20 |
|
DoS |
2011-10-25 |
2012-11-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Google V8, as used in Google Chrome before 15.0.874.102, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers out-of-bounds write operations. |
|
42 |
CVE-2011-3885 |
399 |
|
DoS |
2011-10-25 |
2012-11-06 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to stale Cascading Style Sheets (CSS) token-sequence data. |
|
43 |
CVE-2011-3884 |
20 |
|
DoS |
2011-10-25 |
2012-11-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Google Chrome before 15.0.874.102 does not properly address timing issues during DOM traversal, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. |
|
44 |
CVE-2011-3883 |
399 |
|
DoS |
2011-10-25 |
2012-11-06 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counters. |
|
45 |
CVE-2011-3882 |
399 |
|
DoS |
2011-10-25 |
2012-11-06 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to media buffers. |
|
46 |
CVE-2011-3881 |
|
|
Bypass |
2011-10-25 |
2012-11-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Google Chrome before 15.0.874.102 allows remote attackers to bypass the Same Origin Policy via unspecified vectors. |
|
47 |
CVE-2011-3880 |
20 |
|
|
2011-10-25 |
2012-11-06 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Google Chrome before 15.0.874.102 does not prevent use of an unspecified special character as a delimiter in HTTP headers, which has unknown impact and remote attack vectors. |
|
48 |
CVE-2011-3879 |
|
|
|
2011-10-25 |
2012-11-06 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Google Chrome before 15.0.874.102 does not prevent redirects to chrome: URLs, which has unspecified impact and remote attack vectors. |
|
49 |
CVE-2011-3878 |
362 |
|
DoS |
2011-10-25 |
2012-11-06 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
Race condition in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker process initialization. |
|
50 |
CVE-2011-3877 |
79 |
|
XSS |
2011-10-25 |
2012-11-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the appcache internals page in Google Chrome before 15.0.874.102 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
