CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
9751 CVE-2012-3623 DoS Exec Code Mem. Corr. 2012-09-13 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.
9752 CVE-2012-3622 DoS Exec Code Mem. Corr. 2012-09-13 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.
9753 CVE-2012-3617 DoS Exec Code Mem. Corr. 2012-09-13 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.
9754 CVE-2012-3616 DoS Exec Code Mem. Corr. 2012-09-13 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.
9755 CVE-2012-3614 DoS Exec Code Mem. Corr. 2012-09-13 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.
9756 CVE-2012-3613 DoS Exec Code Mem. Corr. 2012-09-13 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.
9757 CVE-2012-3612 DoS Exec Code Mem. Corr. 2012-09-13 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.
9758 CVE-2012-3602 DoS Exec Code Mem. Corr. 2012-09-13 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.
9759 CVE-2012-3601 DoS Exec Code Mem. Corr. 2012-09-13 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.
9760 CVE-2012-3598 DoS Exec Code Mem. Corr. 2012-09-13 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.
9761 CVE-2012-3578 264 1 Exec Code 2012-06-16 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Unrestricted file upload vulnerability in html/Upload.php in the FCChat Widget plugin 2.2.13.1 and earlier for WordPress allows remote attackers to execute arbitrary code by uploading a file with a file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in html/images.
9762 CVE-2012-3572 20 Exec Code 2012-09-11 2012-09-12
6.0
None Remote Medium Single system Partial Partial Partial
Open Source Competency Center (OSCC) MyMeeting 3.0.1 and earlier, and MyMesyuarat 09b-1, does not properly verify uploaded documents, which allows remote authenticated users to execute arbitrary PHP code via a crafted document.
9763 CVE-2012-3571 119 DoS Overflow 2012-07-25 2016-12-30
6.1
None Local Network Low Not required None None Complete
ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier.
9764 CVE-2012-3547 119 DoS Exec Code Overflow 2012-09-18 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via a long "not after" timestamp in a client certificate.
9765 CVE-2012-3535 119 DoS Exec Code Overflow 2012-09-05 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted JPEG2000 file.
9766 CVE-2012-3532 352 CSRF 2013-04-12 2013-04-15
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the GateIn Portal component in JBoss Enterprise Portal Platform 5.2.2 and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
9767 CVE-2012-3524 264 1 Exec Code +Priv 2012-09-18 2013-12-05
6.9
None Local Medium Not required Complete Complete Complete
libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: libdbus maintainers state that this is a vulnerability in the applications that do not cleanse environment variables, not in libdbus itself: "we do not support use of libdbus in setuid binaries that do not sanitize their environment before their first call into libdbus."
9768 CVE-2012-3523 264 2012-11-11 2013-02-21
6.8
None Remote Medium Not required Partial Partial Partial
The STARTTLS implementation in nnrpd in INN before 2.5.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
9769 CVE-2012-3516 264 DoS +Priv 2012-11-23 2013-01-31
6.9
None Local Medium Not required Complete Complete Complete
The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service (host crash) and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hypervisor memory location.
9770 CVE-2012-3511 362 DoS 2012-10-03 2013-10-23
6.2
None Local High Not required Complete Complete Complete
Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2) close system call.
9771 CVE-2012-3503 264 2012-08-25 2013-03-21
6.5
None Remote Low Single system Partial Partial Partial
The installation script in Katello 1.0 and earlier does not properly generate the Application.config.secret_token value, which causes each default installation to have the same secret token, and allows remote attackers to authenticate to the CloudForms System Engine web interface as an arbitrary user by creating a cookie using the default secret_token.
9772 CVE-2012-3497 20 DoS Mem. Corr. 2012-11-23 2017-08-28
6.9
None Local Medium Not required Complete Complete Complete
(1) TMEMC_SAVE_GET_CLIENT_WEIGHT, (2) TMEMC_SAVE_GET_CLIENT_CAP, (3) TMEMC_SAVE_GET_CLIENT_FLAGS and (4) TMEMC_SAVE_END in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (NULL pointer dereference or memory corruption and host crash) or possibly have other unspecified impacts via a NULL client id.
9773 CVE-2012-3495 20 DoS +Priv 2012-11-23 2017-06-30
6.1
None Local Low Not required Partial Partial Complete
The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and earlier uses the return value of the get_free_pirq function as an array index without checking that the return value indicates an error, which allows guest OS users to cause a denial of service (invalid memory write and host crash) and possibly gain privileges via unspecified vectors.
9774 CVE-2012-3492 287 2012-09-28 2012-10-03
6.4
None Remote Low Not required Partial Partial None
The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user's authentication directory.
9775 CVE-2012-3486 264 +Priv 2012-08-26 2012-08-27
6.9
Admin Local Medium Not required Complete Complete Complete
Tunnelblick 3.3beta20 and earlier allows local users to gain privileges via an OpenVPN configuration file that specifies execution of a script upon occurrence of an OpenVPN event.
9776 CVE-2012-3483 362 +Priv 2012-08-26 2012-08-27
6.2
Admin Local High Not required Complete Complete Complete
Race condition in the runScript function in Tunnelblick 3.3beta20 and earlier allows local users to gain privileges by replacing a script file.
9777 CVE-2012-3481 189 DoS Exec Code Overflow 2012-08-25 2013-12-05
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the ReadImage function in plug-ins/common/file-gif-load.c in the GIF image format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted height and len properties in a GIF image file, which triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
9778 CVE-2012-3479 Exec Code 2012-08-25 2013-12-13
6.8
None Remote Medium Not required Partial Partial Partial
lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote attackers to execute arbitrary Emacs Lisp code via a crafted file.
9779 CVE-2012-3473 287 2012-08-12 2012-08-13
6.4
None Remote Low Not required Partial Partial None
The (1) reports API and (2) administration feature in the comments API in the Ushahidi Platform before 2.5 do not require authentication, which allows remote attackers to generate reports and organize comments via API functions.
9780 CVE-2012-3472 287 2012-08-12 2012-08-13
6.4
None Remote Low Not required None Partial Partial
The email API in application/libraries/api/MY_Email_Api_Object.php in the Ushahidi Platform before 2.5 does not require authentication, which allows remote attackers to list, delete, or organize messages via a GET request.
9781 CVE-2012-3422 119 DoS Exec Code Overflow 2012-08-07 2014-10-04
6.8
None Remote Medium Not required Partial Partial Partial
The getFirstInTableInstance function in the IcedTea-Web plugin before 1.2.1 returns an uninitialized pointer when the instance_to_id_map hash is empty, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted web page, which causes an uninitialized memory location to be read.
9782 CVE-2012-3406 264 DoS Exec Code Bypass 2014-02-10 2019-04-22
6.8
None Remote Medium Not required Partial Partial Partial
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405.
9783 CVE-2012-3403 119 DoS Exec Code Overflow 2012-08-25 2013-12-05
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the KiSS CEL file format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted KiSS palette file, which triggers an "invalid free."
9784 CVE-2012-3402 119 DoS Exec Code Overflow 2012-08-25 2013-05-14
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in plug-ins/common/psd.c in the Adobe Photoshop PSD plugin in GIMP 2.2.13 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted channels header value in a PSD image file, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2009-3909.
9785 CVE-2012-3401 119 DoS Exec Code Overflow 2012-08-13 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow.
9786 CVE-2012-3395 89 Exec Code Sql 2012-07-23 2017-11-30
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in mod/feedback/complete.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, and 2.2.x before 2.2.4 allows remote authenticated users to execute arbitrary SQL commands via crafted form data.
9787 CVE-2012-3384 352 CSRF 2012-07-22 2012-08-09
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the customizer in WordPress before 3.4.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
9788 CVE-2012-3377 119 DoS Exec Code Overflow 2012-07-12 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before 2.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted OGG file.
9789 CVE-2012-3363 2013-02-13 2013-12-05
6.4
None Remote Low Not required Partial Partial None
Zend_XmlRpc in Zend Framework 1.x before 1.11.12 and 1.12.x before 1.12.0 does not properly handle SimpleXMLElement classes, which allows remote attackers to read arbitrary files or create TCP connections via an external entity reference in a DOCTYPE element in an XML-RPC request, aka an XML external entity (XXE) injection attack.
9790 CVE-2012-3362 352 CSRF 2012-07-12 2012-07-26
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in eXtplorer 2.1 RC3 and earlier allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via an adduser admin action.
9791 CVE-2012-3350 89 1 Exec Code Sql 2012-07-12 2018-05-29
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in index.php in Webmatic 3.1.1 allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.
9792 CVE-2012-3347 264 Exec Code Bypass 2012-06-13 2012-09-28
6.0
None Remote Medium Single system Partial Partial Partial
AutoFORM PDM Archive before 7.0 implements user accounts in a way that allows for JMX Console authentication, which allows remote authenticated users to bypass intended access restrictions via the /jmx-console URI, and then upload and execute arbitrary JSP code via a JBoss remote-deployment mechanism, a different vulnerability than CVE-2012-1828.
9793 CVE-2012-3343 352 XSS CSRF 2012-06-08 2012-06-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Microdasys before 3.5.1-B708, as used in Bloxx Web Filtering before 5.0.14 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that trigger error pages containing XSS sequences, a different vulnerability than CVE-2012-2564.
9794 CVE-2012-3325 20 2012-08-30 2017-08-28
6.0
None Remote Medium Single system Partial Partial Partial
IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.45, 7.0.x before 7.0.0.25, 8.0.x before 8.0.0.5, and 8.5.x Full Profile before 8.5.0.1, when the PM44303 fix is installed, does not properly validate credentials, which allows remote authenticated users to obtain administrative access via unspecified vectors.
9795 CVE-2012-3323 264 +Priv 2013-10-01 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
IBM Maximo Asset Management 6.2 before 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.3 allows remote attackers to gain privileges via unspecified vectors.
9796 CVE-2012-3321 264 Bypass 2013-02-20 2017-08-28
6.5
None Remote Low Single system Partial Partial Partial
IBM SmartCloud Control Desk 7.5 allows remote authenticated users to bypass intended access restrictions via vectors involving an expired password.
9797 CVE-2012-3317 264 +Priv 2012-12-05 2017-08-28
6.9
None Local Medium Not required Complete Complete Complete
IBM WebSphere Message Broker 6.1 before 6.1.0.11, 7.0 before 7.0.0.5, and 8.0 before 8.0.0.2 has incorrect ownership of certain uninstaller Java Runtime Environment (JRE) files, which might allow local users to gain privileges by leveraging access to uid 501 or gid 300.
9798 CVE-2012-3309 352 CSRF 2012-08-29 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the account-creation panel in IBM InfoSphere Guardium 8.2 and earlier, when the CSRF filtering (aka csrf_status) feature is disabled, allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts.
9799 CVE-2012-3306 255 2012-09-25 2017-08-28
6.8
User Remote Medium Not required Partial Partial Partial
IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1, when multi-domain support is configured, does not purge password data from the authentication cache, which has unspecified impact and remote attack vectors.
9800 CVE-2012-3305 22 Dir. Trav. 2012-09-25 2017-08-28
6.4
None Remote Low Not required None Partial Partial
Directory traversal vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to overwrite arbitrary files via a crafted application file.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.