CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
9701 CVE-2011-4604 119 DoS Overflow Mem. Corr. 2013-06-07 2013-06-20
6.8
None Remote Medium Not required Partial Partial Partial
The bat_socket_read function in net/batman-adv/icmp_socket.c in the Linux kernel before 3.3 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted batman-adv ICMP packet.
9702 CVE-2011-4596 22 Dir. Trav. 2011-12-23 2018-11-16
6.0
None Remote Medium Single system Partial Partial Partial
Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted (1) tarball or (2) manifest.
9703 CVE-2011-4587 255 2012-07-20 2017-12-21
6.8
None Remote Medium Not required Partial Partial Partial
lib/moodlelib.php in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 does not properly handle certain zero values in the password policy, which makes it easier for remote attackers to obtain access by leveraging the possible existence of user accounts that have unchangeable blank passwords.
9704 CVE-2011-4583 264 2012-07-20 2013-08-12
6.5
None Remote Low Single system Partial Partial Partial
Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 displays web service tokens associated with (1) disabled services and (2) users who no longer have authorization, which allows remote authenticated users to have an unspecified impact by reading these tokens.
9705 CVE-2011-4566 189 DoS Overflow 2011-11-28 2017-08-28
6.4
None Remote Low Not required Partial None Partial
Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in a JPEG file, a different vulnerability than CVE-2011-0708.
9706 CVE-2011-4535 119 DoS Exec Code Overflow 2012-04-02 2012-04-03
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in TurboPower Abbrevia before 4.0, as used in ScadaTEC ScadaPhone 5.3.11.1230 and earlier, ScadaTEC ModbusTagServer 4.1.1.81 and earlier, and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP file.
9707 CVE-2011-4517 119 DoS Exec Code Overflow Mem. Corr. 2011-12-14 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a crafted component registration (CRG) marker segment in a JPEG2000 file.
9708 CVE-2011-4516 119 DoS Exec Code Overflow Mem. Corr. 2011-12-14 2016-12-06
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker segment in a JPEG2000 file.
9709 CVE-2011-4498 352 CSRF 2011-11-21 2011-11-21
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the web console in Zenprise Device Manager 6.x through 6.1.8 allows remote attackers to hijack the authentication of administrators for requests that wipe mobile devices.
9710 CVE-2011-4487 89 Exec Code Sql 2012-02-29 2012-03-05
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x before 7.1(5b)su5, 8.0 before 8.0(3a)su3, and 8.5 and 8.6 before 8.6(2a)su1 and Cisco Business Edition 3000 with software before 8.6.3 and 5000 and 6000 with software before 8.6(2a)su1 allows remote attackers to execute arbitrary SQL commands via a crafted SCCP registration, aka Bug ID CSCtu73538.
9711 CVE-2011-4460 89 Exec Code Sql 2012-06-04 2017-08-28
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in Best Practical Solutions RT 2.x and 3.x before 3.8.12 and 4.x before 4.0.6 allows remote authenticated users to execute arbitrary SQL commands by leveraging access to a privileged account.
9712 CVE-2011-4458 94 Exec Code 2012-06-04 2012-09-28
6.8
None Remote Medium Not required Partial Partial Partial
Best Practical Solutions RT 3.6.x, 3.7.x, and 3.8.x before 3.8.12 and 4.x before 4.0.6, when the VERPPrefix and VERPDomain options are enabled, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-5092 and CVE-2011-5093.
9713 CVE-2011-4452 352 CSRF 2012-09-05 2012-09-06
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the AdminUsers component in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to hijack the authentication of administrators for requests that remove arbitrary user accounts via a delete operation, as demonstrated by an {{image}} action.
9714 CVE-2011-4450 22 Dir. Trav. 2012-09-05 2012-09-13
6.4
None Remote Low Not required Partial None Partial
Directory traversal vulnerability in handlers/files.xml/files.xml.php in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to read or delete arbitrary files via a non-initial .. (dot dot) in the file parameter, as demonstrated by the /../../wikka.config.php pathname in a download action.
9715 CVE-2011-4449 Exec Code 2012-09-05 2012-09-07
6.8
None Remote Medium Not required Partial Partial Partial
actions/files/files.php in WikkaWiki 1.3.1 and 1.3.2, when INTRANET_MODE is enabled, supports file uploads for file extensions that are typically absent from an Apache HTTP Server TypesConfig file, which makes it easier for remote attackers to execute arbitrary PHP code by placing this code in a file whose name has multiple extensions, as demonstrated by a (1) .mm or (2) .vpp file.
9716 CVE-2011-4431 22 Exec Code Dir. Trav. 2011-11-09 2012-02-13
6.5
None Remote Low Single system Partial Partial Partial
Directory traversal vulnerability in main.php in Merethis Centreon before 2.3.2 allows remote authenticated users to execute arbitrary commands via a .. (dot dot) in the command_name parameter.
9717 CVE-2011-4408 2012-06-15 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
The Single Sign On Client (ubuntu-sso-client) for Ubuntu 11.04 and 11.10 does not properly validate SSL certificates when using HTTPS, which allows remote attackers to spoof a server and modify or read sensitive data via a man-in-the-middle (MITM) attack.
9718 CVE-2011-4364 119 DoS Exec Code Overflow 2012-08-20 2012-08-21
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in the Sierra VMD decoder in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9 and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VMD file, related to corrupted streams.
9719 CVE-2011-4358 2012-07-17 2014-10-10
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 and 3.1.1 allows remote attackers to affect confidentiality and integrity, related to JSF.
9720 CVE-2011-4356 264 Exec Code +Priv 2011-12-05 2012-01-03
6.9
None Local Medium Not required Complete Complete Complete
Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing of the --uid and --gid arguments to celerybeat, celeryd_detach, celeryd-multi, and celeryev, which allows local users to gain privileges via vectors involving crafted code that is executed by the worker process.
9721 CVE-2011-4355 264 +Priv 2013-03-05 2013-03-06
6.9
None Local Medium Not required Complete Complete Complete
GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts.
9722 CVE-2011-4352 189 DoS Exec Code Overflow 2012-08-20 2012-08-21
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the vp3_dequant function in the VP3 decoder (vp3.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VP3 stream, which triggers a buffer overflow.
9723 CVE-2011-4334 434 2017-10-23 2017-10-25
6.5
None Remote Low Single system Partial Partial Partial
edit.php in LabWiki 1.1 and earlier does not properly verify uploaded user files, which allows remote authenticated users to upload arbitrary PHP files via a PHP file with a .gif extension in the userfile parameter.
9724 CVE-2011-4302 20 Bypass 2012-07-11 2012-07-11
6.8
None Remote Medium Not required Partial Partial Partial
mnet/xmlrpc/client.php in MNET in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 does not properly process the return value of the openssl_verify function, which allows remote attackers to bypass validation via a crafted certificate.
9725 CVE-2011-4298 352 CSRF 2012-07-11 2012-07-17
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in mod/wiki/ components in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allow remote attackers to hijack the authentication of arbitrary users for requests that modify wiki data.
9726 CVE-2011-4297 264 2012-07-16 2012-07-16
6.4
None Remote Low Not required None Partial Partial
comment/lib.php in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 does not properly restrict comment capabilities, which allows remote attackers to post a comment by leveraging the guest role and operating on a front-page activity.
9727 CVE-2011-4295 264 +Priv 2012-07-16 2012-07-16
6.5
None Remote Low Single system Partial Partial Partial
The moodle_enrol_external:role_assign function in enrol/externallib.php in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 does not have an authorization check, which allows remote authenticated users to gain privileges by making a role assignment.
9728 CVE-2011-4293 264 Bypass 2012-07-16 2012-07-16
6.4
None Remote Low Not required None Partial Partial
The theme implementation in Moodle 2.0.x before 2.0.4 and 2.1.x before 2.1.1 triggers duplicate caching of Cascading Style Sheets (CSS) and JavaScript content, which allows remote attackers to bypass intended access restrictions and write to an operating-system temporary directory via unspecified vectors.
9729 CVE-2011-4287 264 2012-07-16 2012-07-16
6.8
None Remote Medium Not required Partial Partial Partial
admin/uploaduser_form.php in Moodle 2.0.x before 2.0.3 does not force password changes for autosubscribed users, which makes it easier for remote attackers to obtain access by leveraging knowledge of the initial password of a new user.
9730 CVE-2011-4281 352 CSRF 2012-07-16 2012-07-16
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle 2.0.x before 2.0.2 allow remote attackers to hijack the authentication of arbitrary users for requests that mark the completion of (1) an activity or (2) a course.
9731 CVE-2011-4231 20 DoS 2012-05-03 2012-05-11
6.3
None Remote Medium Single system None None Complete
Cisco IOS 15.1 and 15.2 and IOS XE 3.x, when configured as an IPsec hub with X.509 certificates in use, allows remote authenticated users to cause a denial of service (segmentation fault and device crash) via unspecified vectors, aka Bug ID CSCtq61128.
9732 CVE-2011-4182 20 Exec Code 2018-06-12 2018-08-13
6.8
None Remote Medium Not required Partial Partial Partial
Missing escaping of ESSID values in sysconfig of SUSE Linux Enterprise allows attackers controlling an access point to cause execute arbitrary code. Affected releases are sysconfig prior to 0.83.7-2.1.
9733 CVE-2011-4159 +Priv 2011-11-18 2017-09-18
6.8
None Local Low Single system Complete Complete Complete
Unspecified vulnerability in System Administration Manager (SAM) in EMS before A.04.20.11.04_01 on HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors.
9734 CVE-2011-4144 2012-02-01 2012-02-16
6.8
None Local Low Single system Complete Complete Complete
Unspecified vulnerability in EMC Documentum Content Server 6.0, 6.5 before SP2 P02, 6.5 SP3 before SP3 P02, and 6.6 before P02 allows local users to obtain "highest super user privileges" by leveraging system administrator privileges.
9735 CVE-2011-4140 352 CSRF 2011-10-19 2018-01-17
6.8
None Remote Medium Not required Partial Partial Partial
The CSRF protection mechanism in Django through 1.2.7 and 1.3.x through 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote attackers to trigger unauthenticated forged requests via vectors involving a DNS CNAME record and a web page containing JavaScript code.
9736 CVE-2011-4133 352 CSRF 2012-07-16 2012-07-16
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Moodle 1.9.x before 1.9.11 allows remote attackers to hijack the authentication of unspecified victims for requests that modify an RSS feed in an RSS block.
9737 CVE-2011-4122 22 +Priv Dir. Trav. 2011-11-17 2017-08-28
6.9
None Local Medium Not required Complete Complete Complete
Directory traversal vulnerability in openpam_configure.c in OpenPAM before r478 on FreeBSD 8.1 allows local users to load arbitrary DSOs and gain privileges via a .. (dot dot) in the service_name argument to the pam_start function, as demonstrated by a .. in the -c option to kcheckpass.
9738 CVE-2011-4118 264 +Priv 2011-11-14 2011-11-15
6.0
User Remote Medium Single system Partial Partial Partial
Mahara before 1.4.1, when MNet (aka the Moodle network feature) is used, allows remote authenticated users to gain privileges via a jump to an XMLRPC target.
9739 CVE-2011-4111 119 DoS Exec Code Overflow 2014-02-26 2014-02-27
6.8
None Local Network High Not required Complete Complete Complete
Buffer overflow in the ccid_card_vscard_handle_message function in hw/ccid-card-passthru.c in QEMU before 0.15.2 and 1.x before 1.0-rc4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VSC_ATR message.
9740 CVE-2011-4106 20 2 Exec Code 2013-10-26 2013-10-28
6.8
None Remote Medium Not required Partial Partial Partial
TimThumb (timthumb.php) before 2.0 does not validate the entire source with the domain white list, which allows remote attackers to upload and execute arbitrary code via a URL containing a white-listed domain in the src parameter, then accessing it via a direct request to the file in the cache directory, as exploited in the wild in August 2011.
9741 CVE-2011-4085 287 Bypass 2012-11-23 2014-03-05
6.8
None Remote Medium Not required Partial Partial Partial
The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform before 5.1.2, SOA Platform before 5.2.0, BRMS Platform before 5.3.0, and Portal Platform before 4.3 CP07 perform access control only for the GET and POST methods, which allow remote attackers to bypass authentication by sending a request with a different method. NOTE: this vulnerability exists because of a CVE-2010-0738 regression.
9742 CVE-2011-4077 119 DoS Exec Code Overflow Mem. Corr. 2012-01-27 2016-08-22
6.9
None Local Medium Not required Complete Complete Complete
Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c in XFS in the Linux kernel 2.6, when CONFIG_XFS_DEBUG is disabled, allows local users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an XFS image containing a symbolic link with a long pathname.
9743 CVE-2011-4063 20 DoS 2011-10-21 2018-10-09
6.8
None Remote Low Single system None None Complete
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.7.1 and 10.x before 10.0.0-rc1 does not properly initialize variables during request parsing, which allows remote authenticated users to cause a denial of service (daemon crash) via a malformed request.
9744 CVE-2011-4061 +Priv 2011-10-17 2018-10-11
6.9
None Local Medium Not required Complete Complete Complete
Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) kbbacf1 in IBM DB2 Express Edition 9.7, as used in the IBM Tivoli Monitoring for Databases: DB2 Agent, allow local users to gain privileges via a Trojan horse libkbb.so in the current working directory, related to the DT_RPATH ELF header.
9745 CVE-2011-3994 352 CSRF 2011-11-03 2011-11-16
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0.08 and earlier plugins for Movable Type, allows remote attackers to hijack the authentication of arbitrary users for requests that modify data.
9746 CVE-2011-3976 119 1 Exec Code Overflow 2011-10-04 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow in AmmSoft ScriptFTP 3.3 allows remote FTP servers to execute arbitrary code via a long filename in a response to a LIST command, as demonstrated using (1) GETLIST or (2) GETFILE in a ScriptFTP script.
9747 CVE-2011-3971 399 DoS 2012-02-08 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events.
9748 CVE-2011-3958 DoS 2012-02-08 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Google Chrome before 17.0.963.46 does not properly perform casts of variables during handling of a column span, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.
9749 CVE-2011-3952 20 DoS Exec Code 2012-08-20 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
The decode_init function in kmvc.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large palette size in a KMVC encoded file.
9750 CVE-2011-3951 119 DoS Exec Code Overflow 2012-08-20 2012-08-21
6.8
None Remote Medium Not required Partial Partial Partial
The dpcm_decode_frame function in dpcm.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted stereo stream in a media file.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.