| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complex
ity
|
Authen
tication
|
Confiden
tiality
|
Integrity
|
Availa
bility
|
|
1 |
CVE-2012-2928 |
264 |
|
DoS |
2012-05-22 |
2012-05-23 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
The Gliffy plugin before 3.7.1 for Atlassian JIRA, and before 4.2 for Atlassian Confluence, does not properly restrict the capabilities of third-party XML parsers, which allows remote attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors. |
|
2 |
CVE-2012-2927 |
399 |
|
DoS |
2012-05-22 |
2012-05-23 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
|
The TM Software Tempo plugin before 6.4.3.1, 6.5.x before 6.5.0.2, and 7.x before 7.0.3 for Atlassian JIRA does not properly restrict the capabilities of third-party XML parsers, which allows remote authenticated users to cause a denial of service (resource consumption) via unspecified vectors. |
|
3 |
CVE-2012-2926 |
264 |
|
DoS |
2012-05-22 |
2012-05-23 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
Atlassian JIRA before 5.0.1; Confluence before 3.5.16, 4.0 before 4.0.7, and 4.1 before 4.1.10; FishEye and Crucible before 2.5.8, 2.6 before 2.6.8, and 2.7 before 2.7.12; Bamboo before 3.3.4 and 3.4.x before 3.4.5; and Crowd before 2.0.9, 2.1 before 2.1.2, 2.2 before 2.2.9, 2.3 before 2.3.7, and 2.4 before 2.4.1 do not properly restrict the capabilities of third-party XML parsers, which allows remote attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors. |
|
4 |
CVE-2012-2921 |
399 |
|
DoS |
2012-05-21 |
2012-05-22 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Universal Feed Parser (aka feedparser or python-feedparser) before 5.1.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML ENTITY declaration in a non-ASCII encoded document. |
|
5 |
CVE-2012-2612 |
119 |
|
DoS Overflow |
2012-05-15 |
2012-05-15 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The DiagTraceHex function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. |
|
6 |
CVE-2012-2514 |
119 |
|
DoS Overflow |
2012-05-15 |
2012-05-15 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The DiagiEventSource function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. |
|
7 |
CVE-2012-2513 |
119 |
|
DoS Overflow |
2012-05-15 |
2012-05-15 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The Diaginput function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. |
|
8 |
CVE-2012-2512 |
119 |
|
DoS Overflow |
2012-05-15 |
2012-05-15 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The DiagTraceStreamI function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. |
|
9 |
CVE-2012-2511 |
119 |
|
DoS Overflow |
2012-05-15 |
2012-05-15 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The DiagTraceAtoms function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. |
|
10 |
CVE-2012-2450 |
|
|
DoS Exec Code |
2012-05-04 |
2012-05-07 |
9.0 |
None |
Remote |
Low |
Single system |
Complete |
Complete |
Complete |
|
VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly register SCSI devices, which allows guest OS users to cause a denial of service (invalid write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS. |
|
11 |
CVE-2012-2449 |
119 |
|
DoS Exec Code Overflow |
2012-05-04 |
2012-05-07 |
9.0 |
None |
Remote |
Low |
Single system |
Complete |
Complete |
Complete |
|
VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x through 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly configure the virtual floppy device, which allows guest OS users to cause a denial of service (out-of-bounds write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS. |
|
12 |
CVE-2012-2448 |
119 |
|
DoS Exec Code Overflow |
2012-05-04 |
2012-05-07 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
VMware ESXi 3.5 through 5.0 and ESX 3.5 through 4.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via NFS traffic. |
|
13 |
CVE-2012-2425 |
20 |
|
DoS |
2012-04-25 |
2012-04-27 |
1.8 |
None |
Local Network |
High |
Not required |
None |
None |
Partial |
|
The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allow remote attackers to cause a denial of service (application crash) via a long URI. |
|
14 |
CVE-2012-2424 |
|
|
DoS |
2012-04-25 |
2012-04-27 |
1.8 |
None |
Local Network |
High |
Not required |
None |
None |
Partial |
|
The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a URI that lacks a required delimiter. |
|
15 |
CVE-2012-2419 |
399 |
|
DoS |
2012-04-25 |
2012-04-27 |
1.8 |
None |
Local Network |
High |
Not required |
None |
None |
Partial |
|
Memory leak in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allows remote attackers to cause a denial of service (memory consumption) via a URI with multiple references to the same name-value pair. |
|
16 |
CVE-2012-2418 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2012-04-25 |
2012-04-27 |
6.8 |
None |
Local Network |
High |
Not required |
Complete |
Complete |
Complete |
|
Heap-based buffer overflow in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a URI with a % (percent) character as its (1) last or (2) second-to-last character. |
|
17 |
CVE-2012-2416 |
119 |
|
DoS Overflow |
2012-04-30 |
2012-05-01 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.11.1 and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4, when the trustrpid option is enabled, allows remote authenticated users to cause a denial of service (daemon crash) by sending a SIP UPDATE message that triggers a connected-line update attempt without an associated channel. |
|
18 |
CVE-2012-2415 |
119 |
|
DoS Overflow |
2012-04-30 |
2012-04-30 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
Heap-based buffer overflow in chan_skinny.c in the Skinny channel driver in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 allows remote authenticated users to cause a denial of service or possibly have unspecified other impact via a series of KEYPAD_BUTTON_MESSAGE events. |
|
19 |
CVE-2012-2396 |
|
1
|
DoS |
2012-04-19 |
2012-04-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
VideoLAN VLC media player 2.0.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted MP4 file. |
|
20 |
CVE-2012-2336 |
20 |
|
DoS |
2012-05-11 |
2012-05-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to cause a denial of service (resource consumption) by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'T' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823. |
|
21 |
CVE-2012-2333 |
189 |
|
DoS |
2012-05-14 |
2012-05-15 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted TLS packet that is not properly handled during a certain explicit IV calculation. |
|
22 |
CVE-2012-2329 |
119 |
|
DoS Overflow |
2012-05-11 |
2012-05-22 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service (application crash) via a long string in the header of an HTTP request. |
|
23 |
CVE-2012-2322 |
189 |
|
DoS Overflow |
2012-05-18 |
2012-05-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Integer overflow in the dhcpv6_get_option function in gdhcp/client.c in ConnMan before 0.85 allows remote attackers to cause a denial of service (infinite loop and crash) via an invalid length value in a DHCP packet. |
|
24 |
CVE-2012-2320 |
264 |
|
DoS Bypass |
2012-05-18 |
2012-05-21 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
ConnMan before 0.85 does not ensure that netlink messages originate from the kernel, which allows remote attackers to bypass intended access restrictions and cause a denial of service via a crafted netlink message. |
|
25 |
CVE-2012-2277 |
119 |
1
|
DoS Overflow |
2012-05-14 |
2012-05-15 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (pvcontrol.exe process hang) via \n (line feed) characters in the Id fields of many "batch begin untethered" commands. |
|
26 |
CVE-2012-2276 |
119 |
1
|
DoS Overflow |
2012-05-14 |
2012-05-15 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via input data that (1) lacks FIPS fields or (2) has an invalid version number. |
|
27 |
CVE-2012-2273 |
94 |
|
DoS |
2012-04-20 |
2012-04-20 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
Comodo Internet Security before 5.10.228257.2253 on Windows 7 x64 allows local users to cause a denial of service (system crash) via a crafted 32-bit Portable Executable (PE) file with a kernel ImageBase value. |
|
28 |
CVE-2012-2268 |
20 |
|
DoS |
2012-04-17 |
2012-04-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
master.exe in the SNMP Master Agent in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to cause a denial of service (unhandled exception and daemon crash) via a crafted Open-PDU request that triggers incorrect DisplayString processing, a different vulnerability than CVE-2012-1923. |
|
29 |
CVE-2012-2267 |
264 |
|
DoS |
2012-04-17 |
2012-04-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
master.exe in the SNMP Master Agent in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to cause a denial of service (daemon crash) by establishing and closing a port-705 TCP connection, a different vulnerability than CVE-2012-1923. |
|
30 |
CVE-2012-2210 |
399 |
1
|
DoS |
2012-04-11 |
2012-04-11 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The Sony Bravia TV KDL-32CX525 allows remote attackers to cause a denial of service (configuration outage or device crash) via a flood of TCP SYN packets, as demonstrated by hping, a related issue to CVE-1999-0116. |
|
31 |
CVE-2012-2131 |
189 |
|
DoS Overflow Mem. Corr. |
2012-04-24 |
2012-04-25 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v allow remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2110. |
|
32 |
CVE-2012-2121 |
264 |
|
DoS |
2012-05-17 |
2012-05-17 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (host OS crash) by leveraging administrative access to the guest OS to conduct hotunplug and hotplug operations on devices. |
|
33 |
CVE-2012-2118 |
20 |
|
DoS Exec Code |
2012-05-18 |
2012-05-21 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Format string vulnerability in the LogVHdrMessageVerb function in os/log.c in X.Org X11 1.11 allows attackers to cause a denial of service or possibly execute arbitrary code via format string specifiers in an input device name. |
|
34 |
CVE-2012-2110 |
119 |
|
DoS Overflow Mem. Corr. |
2012-04-19 |
2012-04-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. |
|
35 |
CVE-2012-2089 |
119 |
|
DoS Exec Code Overflow |
2012-04-17 |
2012-04-20 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file. |
|
36 |
CVE-2012-2042 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2012-05-24 |
2012-05-24 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-2012-2023, CVE-2012-2024, CVE-2012-2025, and CVE-2012-2026. |
|
37 |
CVE-2012-2033 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2012-05-09 |
2012-05-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2030, CVE-2012-2031, and CVE-2012-2032. |
|
38 |
CVE-2012-2032 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2012-05-09 |
2012-05-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2030, CVE-2012-2031, and CVE-2012-2033. |
|
39 |
CVE-2012-2031 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2012-05-09 |
2012-05-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2030, CVE-2012-2032, and CVE-2012-2033. |
|
40 |
CVE-2012-2030 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2012-05-09 |
2012-05-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2031, CVE-2012-2032, and CVE-2012-2033. |
|
41 |
CVE-2012-2029 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2012-05-09 |
2012-05-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2030, CVE-2012-2031, CVE-2012-2032, and CVE-2012-2033. |
|
42 |
CVE-2012-2026 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2012-05-09 |
2012-05-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-2012-2023, CVE-2012-2024, and CVE-2012-2025. |
|
43 |
CVE-2012-2025 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2012-05-09 |
2012-05-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-2012-2023, CVE-2012-2024, and CVE-2012-2026. |
|
44 |
CVE-2012-2024 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2012-05-09 |
2012-05-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-2012-2023, CVE-2012-2025, and CVE-2012-2026. |
|
45 |
CVE-2012-2023 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2012-05-09 |
2012-05-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-2012-2024, CVE-2012-2025, and CVE-2012-2026. |
|
46 |
CVE-2012-2006 |
|
|
DoS |
2012-05-02 |
2012-05-11 |
4.9 |
None |
Remote |
Medium |
Single system |
None |
Partial |
Partial |
|
Unspecified vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to modify data or cause a denial of service via unknown vectors. |
|
47 |
CVE-2012-1985 |
352 |
|
DoS CSRF |
2012-04-17 |
2012-04-17 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cross-site request forgery (CSRF) vulnerability in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to hijack the authentication of administrators for requests that cause a denial of service (stack consumption and daemon crash) via a malformed URL. |
|
48 |
CVE-2012-1904 |
119 |
1
|
DoS Overflow Mem. Corr. |
2012-03-28 |
2012-04-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
mp4fformat.dll in the QuickTime File Format plugin in RealNetworks RealPlayer 15 and earlier, and RealPlayer SP 1.1.4 Build 12.0.0.756 and earlier, allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP4 file. |
|
49 |
CVE-2012-1821 |
|
|
DoS |
2012-05-23 |
2012-05-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The Network Threat Protection module in the Manager component in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.700x on Windows Server 2003 allows remote attackers to cause a denial of service (web-server outage, or daemon crash or hang) via a flood of packets that triggers automated blocking of network traffic. |
|
50 |
CVE-2012-1809 |
399 |
|
DoS |
2012-04-13 |
2012-04-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The web server in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 allows remote attackers to cause a denial of service (resource consumption) via unspecified vectors. |
