CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 1 and 1.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
501 CVE-2012-6544 200 +Info 2013-03-15 2019-04-22
1.9
None Local Medium Not required Partial None None
The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation.
502 CVE-2012-6543 200 +Info 2013-03-15 2013-03-18
1.9
None Local Medium Not required Partial None None
The l2tp_ip6_getname function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
503 CVE-2012-6542 200 +Info 2013-03-15 2019-04-22
1.9
None Local Medium Not required Partial None None
The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized pointer argument.
504 CVE-2012-6541 200 +Info 2013-03-15 2013-03-18
1.9
None Local Medium Not required Partial None None
The ccid3_hc_tx_getsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
505 CVE-2012-6540 200 +Info 2013-03-15 2013-05-14
1.9
None Local Medium Not required Partial None None
The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
506 CVE-2012-6539 200 +Info 2013-03-15 2013-05-14
1.9
None Local Medium Not required Partial None None
The dev_ifconf function in net/socket.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
507 CVE-2012-6538 200 +Info 2013-03-15 2019-04-22
1.9
None Local Medium Not required Partial None None
The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability.
508 CVE-2012-6537 200 +Info 2013-03-15 2019-04-22
1.9
None Local Medium Not required Partial None None
net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability.
509 CVE-2012-6140 200 Bypass +Info 2013-04-24 2013-05-07
1.9
None Local Medium Not required Partial None None
pam_google_authenticator.c in the PAM module in Google Authenticator before 1.0 requires user-readable permissions for the secret file, which allows local users to bypass intended access restrictions and discover a shared secret via standard filesystem operations, a different vulnerability than CVE-2013-0258.
510 CVE-2012-6095 362 2013-01-24 2013-01-25
1.2
None Local High Not required None Partial None
ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the (1) MKD or (2) XMKD commands.
511 CVE-2012-5616 255 +Info 2013-01-22 2013-04-01
1.5
None Local Medium Single system Partial None None
Apache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly Citrix CloudStack) before 3.0.6 stores sensitive information in the log4j.conf log file, which allows local users to obtain (1) the SSH private key as recorded by the createSSHKeyPair API, (2) the password of an added host as recorded by the AddHost API, or the password of an added VM as recorded by the (3) DeployVM or (4) ResetPasswordForVM API.
512 CVE-2012-4838 +Info 2012-12-08 2017-08-28
1.9
None Local Medium Not required Partial None None
IBM Flex System Chassis Management Module (CMM) and Integrated Management Module 2 (IMM2) allow local users to obtain sensitive information about (1) local accounts, (2) SSH private keys, (3) SSL/TLS private keys, (4) SNMPv3 communities, and (5) LDAP credentials by leveraging unspecified side effects of service or maintenance activity.
513 CVE-2012-4832 200 +Info 2013-01-31 2017-08-28
1.9
None Local Medium Not required Partial None None
Information Services Framework (ISF) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 and InfoSphere Business Glossary 8.1.1 and 8.1.2 does not have an off autocomplete attribute for the password field on the login page, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.
514 CVE-2012-4693 310 2012-12-18 2012-12-19
1.9
None Local Medium Not required Partial None None
Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ProcessSuite use a weak encryption algorithm for data in Ps_security.ini, which makes it easier for local users to discover passwords by reading this file.
515 CVE-2012-4676 59 2012-08-26 2012-08-27
1.2
None Local High Not required None Partial None
The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and earlier allows local users to delete arbitrary files by constructing a (1) symlink or (2) hard link, a different vulnerability than CVE-2012-3485.
516 CVE-2012-4535 399 DoS 2012-11-21 2017-08-28
1.9
None Local Medium Not required None None Partial
Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service (Xen infinite loop and physical CPU consumption) by setting a VCPU with an "inappropriate deadline."
517 CVE-2012-4508 362 +Info 2012-12-21 2014-01-07
1.9
None Local Medium Not required Partial None None
Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized.
518 CVE-2012-4461 DoS 2013-01-22 2013-06-20
1.9
None Local Medium Not required None None Partial
The KVM subsystem in the Linux kernel before 3.6.9, when running on hosts that use qemu userspace without XSAVE, allows local users to cause a denial of service (kernel OOPS) by using the KVM_SET_SREGS ioctl to set the X86_CR4_OSXSAVE bit in the guest cr4 register, then calling the KVM_RUN ioctl.
519 CVE-2012-3741 287 Bypass 2012-09-20 2017-08-28
1.9
None Local Medium Not required None Partial None
The Restrictions (aka Parental Controls) implementation in Apple iOS before 6 does not properly handle purchase attempts after a Disable Restrictions action, which allows local users to bypass an intended Apple ID authentication step via an app that performs purchase transactions.
520 CVE-2012-3734 310 Bypass 2012-09-20 2017-08-28
1.9
None Local Medium Not required Partial None None
Office Viewer in Apple iOS before 6 writes cleartext document data to a temporary file, which might allow local users to bypass a document's intended (1) Data Protection level or (2) encryption state by reading the temporary content.
521 CVE-2012-3729 264 +Info 2012-09-20 2017-08-28
1.9
None Local Medium Not required Partial None None
The Berkeley Packet Filter (BPF) interpreter implementation in the kernel in Apple iOS before 6 accesses uninitialized memory locations, which allows local users to obtain sensitive information about the layout of kernel memory via a crafted program that uses a BPF interface.
522 CVE-2012-3520 287 2012-10-03 2016-10-11
1.9
None Local Medium Not required None Partial None
The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCM_CREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to (1) Avahi or (2) NetworkManager.
523 CVE-2012-3500 362 2012-09-30 2017-08-28
1.2
None Local High Not required None Partial None
scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows local users to modify arbitrary files via a symlink attack on the temporary (1) standard output or (2) standard error output file.
524 CVE-2012-3487 362 2012-08-26 2012-08-27
1.2
None Local High Not required None Partial None
Race condition in Tunnelblick 3.3beta20 and earlier allows local users to kill unintended processes by waiting for a specific PID value to be assigned to a target process.
525 CVE-2012-3432 264 DoS 2012-12-03 2013-10-10
1.9
None Local Medium Not required None None Partial
The handle_mmio function in arch/x86/hvm/io.c in the MMIO operations emulator for Xen 3.3 and 4.x, when running an HVM guest, does not properly reset certain state information between emulation cycles, which allows local guest OS users to cause a denial of service (guest OS crash) via unspecified operations on MMIO regions.
526 CVE-2012-3215 2012-10-16 2013-10-10
1.7
None Local Low Single system Partial None None
Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when running on SPARC, allows local users to affect confidentiality via unknown vectors related to Kernel.
527 CVE-2012-3162 2012-10-16 2013-10-10
1.7
None Local Low Single system Partial None None
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows local users to affect confidentiality, related to MDS loading.
528 CVE-2012-3145 2012-10-16 2017-08-28
1.5
None Local Medium Single system Partial None None
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.0.5, 5.1.0, 5.2.0, 5.3.0 through 5.3.4, and 6.2.0 allows local users to affect confidentiality, related to BASE.
529 CVE-2012-3116 2012-07-17 2017-12-21
1.9
None Local Medium Not required Partial None None
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows local users to affect confidentiality via unknown vectors.
530 CVE-2012-2934 DoS 2012-12-03 2013-10-10
1.9
None Local Medium Not required None None Partial
Xen 4.0, and 4.1, when running a 64-bit PV guest on "older" AMD CPUs, does not properly protect against a certain AMD processor bug, which allows local guest OS users to cause a denial of service (host hang) via sequential execution of instructions across a non-canonical boundary, a different vulnerability than CVE-2012-0217.
531 CVE-2012-2737 362 2012-07-22 2017-08-28
1.9
None Local Medium Not required Partial None None
The user_change_icon_file_authorized_cb function in /usr/libexec/accounts-daemon in AccountsService before 0.6.22 does not properly check the UID when copying an icon file to the system cache directory, which allows local users to read arbitrary files via a race condition.
532 CVE-2012-2678 310 2012-07-03 2017-09-18
1.2
None Local High Not required Partial None None
389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote attackers to read the plaintext password via the unhashed#user#password attribute.
533 CVE-2012-2425 20 1 DoS 2012-04-25 2017-12-18
1.8
None Local Network High Not required None None Partial
The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allow remote attackers to cause a denial of service (application crash) via a long URI.
534 CVE-2012-2424 DoS 2012-04-25 2017-12-18
1.8
None Local Network High Not required None None Partial
The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a URI that lacks a required delimiter.
535 CVE-2012-2423 200 +Info 2012-04-25 2017-12-18
1.8
None Local Network High Not required Partial None None
The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, provide different responses to remote requests depending on whether a ZIP pathname is valid, which allows remote attackers to obtain potentially sensitive information about the installation path and product version via a series of requests involving the Msxml2.XMLHTTP object.
536 CVE-2012-2421 22 Dir. Trav. 2012-04-25 2017-12-18
1.8
None Local Network High Not required Partial None None
Absolute path traversal vulnerability in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, might allow remote attackers to read arbitrary files in ZIP archives via a full pathname in the URI.
537 CVE-2012-2420 200 Overflow +Info 2012-04-25 2017-08-28
1.8
None Local Network High Not required Partial None None
The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, might allow remote attackers to obtain sensitive information via a URI with a % (percent) character as its (1) last or (2) second-to-last character, in situations where a certain "post-URL data" buffer contains a 0x0000 character but a buffer overflow does not occur.
538 CVE-2012-2419 399 DoS 2012-04-25 2017-12-18
1.8
None Local Network High Not required None None Partial
Memory leak in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allows remote attackers to cause a denial of service (memory consumption) via a URI with multiple references to the same name-value pair.
539 CVE-2012-2313 264 2012-06-13 2016-09-06
1.2
None Local High Not required None None Partial
The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.
540 CVE-2012-2103 59 2012-08-26 2017-08-28
1.2
None Local High Not required None Partial None
The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.
541 CVE-2012-1568 Bypass 2013-03-01 2019-04-22
1.9
None Local Medium Not required None Partial None
The ExecShield feature in a certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 5 and 6 and Fedora 15 and 16 does not properly handle use of many shared libraries by a 32-bit executable file, which makes it easier for context-dependent attackers to bypass the ASLR protection mechanism by leveraging a predictable base address for one of these libraries.
542 CVE-2012-1106 264 +Info 2012-07-03 2017-08-28
1.9
None Local Medium Not required Partial None None
The C handler plug-in in Automatic Bug Reporting Tool (ABRT), possibly 2.0.8 and earlier, does not properly set the group (GID) permissions on core dump files for setuid programs when the sysctl fs.suid_dumpable option is set to 2, which allows local users to obtain sensitive information.
543 CVE-2012-0742 200 +Info 2012-04-09 2017-08-28
1.9
None Local Medium Not required Partial None None
IBM Tivoli Event Pump 4.2.2, when the LOG_REQUESTS and VALIDATE_SOAP_USERS options are enabled, places credentials into the AOPSCLOG (aka AOPLOG) data set, which allows local users to obtain sensitive information by reading the data.
544 CVE-2012-0700 255 Bypass 2013-01-31 2017-08-28
1.9
None Local Medium Not required None Partial None
The client in InfoSphere FastTrack 8.1 through 8.7 in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 does not properly store credentials, which allows local users to bypass intended access restrictions via unspecified vectors.
545 CVE-2012-0645 264 Bypass 2012-03-08 2018-11-29
1.2
None Local High Not required None Partial None
Siri in Apple iOS before 5.1 does not properly restrict the ability of Mail.app to handle voice commands, which allows physically proximate attackers to bypass the locked state via a command that forwards an active e-mail message to an arbitrary recipient.
546 CVE-2012-0494 2012-01-18 2018-01-04
1.7
None Local Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows local users to affect availability via unknown vectors.
547 CVE-2012-0218 DoS 2012-12-03 2013-10-10
1.9
None Local Medium Not required None None Partial
Xen 3.4, 4.0, and 4.1, when the guest OS has not registered a handler for a syscall or sysenter instruction, does not properly clear a flag for exception injection when injecting a General Protection Fault, which allows local PV guest OS users to cause a denial of service (guest crash) by later triggering an exception that would normally be handled within Xen.
548 CVE-2012-0174 264 Bypass +Info 2012-05-08 2018-10-12
1.7
None Local Low Single system Partial None None
Windows Firewall in tcpip.sys in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly enforce firewall rules for outbound broadcast packets, which allows remote attackers to obtain potentially sensitive information by observing broadcast traffic on a local network, aka "Windows Firewall Bypass Vulnerability."
549 CVE-2012-0098 2012-01-18 2018-01-05
1.9
None Local Medium Not required None None Partial
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel, a different vulnerability than CVE-2011-0813.
550 CVE-2012-0075 2012-01-18 2018-07-20
1.7
None Remote High Multiple systems None Partial None
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors.
Total number of vulnerabilities : 878   Page : 1 2 3 4 5 6 7 8 9 10 11 (This Page)12 13 14 15 16 17 18
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.