CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
10951 CVE-2012-4898 310 2012-12-18 2013-01-29
6.1
None Remote High Not required Complete Partial None
Mesh OS before 7.9.1.1 on Tropos wireless mesh routers does not use a sufficient source of entropy for SSH keys, which makes it easier for man-in-the-middle attackers to spoof a device or modify a client-server data stream by leveraging knowledge of a key from a product installation elsewhere.
10952 CVE-2012-4897 +Priv 2012-10-05 2017-08-28
6.9
Admin Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in the installer in VMware Movie Decoder before 9.0 allows local users to gain privileges via a Trojan horse executable file in the installer directory.
10953 CVE-2012-4893 352 Exec Code CSRF 2012-09-11 2012-09-12
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in file/show.cgi in Webmin 1.590 and earlier allow remote attackers to hijack the authentication of privileged users for requests that (1) read files or execute (2) tar, (3) zip, or (4) gzip commands, a different issue than CVE-2012-2982.
10954 CVE-2012-4883 +Priv 2012-09-07 2012-09-17
6.9
None Local Medium Not required Complete Complete Complete
Multiple untrusted search path vulnerabilities in 3DVIA Composer V6R2012 HF1 Build 6.8.1.1652 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) ibfs32.dll file in the current working directory, as demonstrated by a directory that contains a .smg file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
10955 CVE-2012-4882 +Priv 2012-09-07 2012-09-10
6.9
None Local Medium Not required Complete Complete Complete
Multiple untrusted search path vulnerabilities in 3D XML Player 6.212.13.12076 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) JT0DevPhase.dll file in the current working directory, as demonstrated by a directory that contains a .3dx file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
10956 CVE-2012-4881 +Priv 2012-09-07 2012-09-10
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in moviEZ HD 1.0 Build 2554-29894-A allows local users to gain privileges via a Trojan horse avrt.dll file in the current working directory, as demonstrated by a directory that contains a .mvz file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
10957 CVE-2012-4880 +Priv 2012-09-07 2012-09-10
6.9
None Local Medium Not required Complete Complete Complete
Multiple untrusted search path vulnerabilities in DVD Architect Pro 5.2 Build 133 and DVD Architect Studio 5.0 Build 156 allow local users to gain privileges via a Trojan horse (1) enc_mp2v.200 or (2) CFHDDecoder.dll file in the current working directory, as demonstrated by a directory that contains a .dar file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
10958 CVE-2012-4877 352 1 CSRF 2012-09-06 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that add user accounts.
10959 CVE-2012-4866 1 Exec Code 2012-09-06 2017-08-28
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Xtreme RAT 3.5 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as the current working directory. NOTE: some of these details are obtained from third party information.
10960 CVE-2012-4853 352 CSRF 2012-11-14 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Application Server 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger information disclosure.
10961 CVE-2012-4845 264 Bypass 2012-10-20 2017-09-18
6.8
None Remote Low Single system Complete None None
The FTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly manage privileges in an RBAC environment, which allows attackers to bypass intended file-read restrictions by leveraging the setuid installation of the ftp executable file.
10962 CVE-2012-4773 352 2 CSRF 2012-10-22 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in Subrion CMS before 2.2.3 allow remote attackers to hijack the authentication of administrators for requests that add, delete, or modify sensitive information, as demonstrated by adding an administrator account via an add action to admin/accounts/add/.
10963 CVE-2012-4759 +Priv 2012-09-06 2012-09-06
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in facebook_plugin.fpi in the Facebook plug-in in Foxit Reader 5.3.1.0606 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are obtained from third party information.
10964 CVE-2012-4758 +Priv 2012-09-06 2012-09-06
6.9
None Local Medium Not required Complete Complete Complete
Multiple untrusted search path vulnerabilities in CyberLink PowerProducer 5.5.3.2325 allow local users to gain privileges via a Trojan horse (1) mfc71loc.dll or (2) mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .ppp or .rdf file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
10965 CVE-2012-4757 +Priv 2012-09-06 2012-09-06
6.9
None Local Medium Not required Complete Complete Complete
Multiple untrusted search path vulnerabilities in CyberLink StreamAuthor 4.0 build 3308 allow local users to gain privileges via a Trojan horse (1) mfc71loc.dll or (2) mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .sta or .stp file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
10966 CVE-2012-4756 +Priv 2012-09-06 2012-09-06
6.9
None Local Medium Not required Complete Complete Complete
Multiple untrusted search path vulnerabilities in CyberLink LabelPrint 2.5.3602 allow local users to gain privileges via a Trojan horse (1) mfc71loc.dll or (2) mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .lpp file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
10967 CVE-2012-4755 +Priv 2012-09-06 2012-09-06
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in SciTools Understand before 2.6 build 600 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .udb file. NOTE: some of these details are obtained from third party information.
10968 CVE-2012-4754 +Priv 2012-09-06 2012-09-06
6.3
None Local Medium Not required Complete Complete None
Multiple untrusted search path vulnerabilities in MindManager 2012 10.0.493 allow local users to gain privileges via a Trojan horse (1) ssgp.dll or (2) dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .mmap file. NOTE: some of these details are obtained from third party information.
10969 CVE-2012-4753 352 CSRF 2012-09-05 2012-09-06
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud before 4.0.5 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.
10970 CVE-2012-4746 352 1 CSRF 2012-08-31 2012-09-03
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in accessaccount.cgi in ZTE ZXDSL 831IIV7.5.0a_Z29_OV allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via the sysPassword parameter.
10971 CVE-2012-4737 264 Bypass 2012-08-31 2013-04-18
6.0
None Remote Medium Single system Partial Partial Partial
channels/chan_iax2.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert7, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 does not enforce ACL rules during certain uses of peer credentials, which allows remote authenticated users to bypass intended outbound-call restrictions by leveraging the availability of these credentials.
10972 CVE-2012-4733 255 2013-08-23 2013-08-27
6.0
None Remote Medium Single system Partial Partial Partial
Request Tracker (RT) 4.x before 4.0.13 does not properly enforce the DeleteTicket and "custom lifecycle transition" permission, which allows remote authenticated users with the ModifyTicket permission to delete tickets via unspecified vectors.
10973 CVE-2012-4732 352 CSRF 2012-11-11 2013-03-01
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Request Tracker (RT) 3.8.12 and other versions before 3.8.15, and 4.0.6 and other versions before 4.0.8, allows remote attackers to hijack the authentication of users for requests that toggle ticket bookmarks.
10974 CVE-2012-4729 119 DoS Overflow 2012-10-26 2013-03-01
6.8
None Remote Low Single system None None Complete
Wing FTP Server before 4.1.1 allows remote authenticated users to cause a denial of service (daemon crash) via two zip commands.
10975 CVE-2012-4709 119 DoS Overflow 2013-10-13 2013-10-15
6.9
None Local Medium Not required Complete Complete Complete
Invensys Wonderware InTouch HMI 2012 R2 and earlier allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
10976 CVE-2012-4703 399 DoS 2013-03-11 2013-03-18
6.1
None Local Network Low Not required None None Complete
The Emerson DeltaV SE3006 through 11.3.1, DeltaV VE3005 through 10.3.1 and 11.x through 11.3.1, and DeltaV VE3006 through 10.3.1 and 11.x through 11.3.1 allow remote attackers to cause a denial of service (device restart) via a crafted packet on (1) TCP port 23, (2) UDP port 161, or (3) TCP port 513.
10977 CVE-2012-4696 119 Overflow +Priv 2013-01-28 2013-02-07
6.9
None Local Medium Not required Complete Complete Complete
Buffer overflow in Beijer ADP 6.5.0-180_R1967 and 6.5.1-186_R2942, and H-Designer 6.5.0 B180_R1967, allows local users to gain privileges by inserting a long string into a DLL file.
10978 CVE-2012-4670 20 2012-08-25 2017-08-28
6.4
None Remote Low Not required None Partial Partial
Tigase XMPP Server before 5.1.0 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a (1) Verify Response or (2) Authorization Response.
10979 CVE-2012-4613 287 Bypass 2012-11-15 2013-02-25
6.9
None Local Medium Not required Complete Complete Complete
EMC RSA Data Protection Manager Appliance 2.7.x and 3.x before 3.2.1 does not properly restrict the number of authentication attempts by a user account, which makes it easier for local users to bypass intended access restrictions via a brute-force attack.
10980 CVE-2012-4608 352 CSRF 2012-12-05 2012-12-05
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the web interface in EMC RSA NetWitness Informer before 2.0.5.6 allows remote attackers to hijack the authentication of arbitrary users.
10981 CVE-2012-4601 89 Exec Code Sql 2012-11-23 2012-11-26
6.0
None Remote Medium Single system Partial Partial Partial
Multiple SQL injection vulnerabilities in Nicola Asuni TCExam before 11.3.009 allow remote authenticated users with level 5 or greater permissions to execute arbitrary SQL commands via the (1) user_groups[] parameter to admin/code/tce_edit_test.php or (2) subject_id parameter to admin/code/tce_show_all_questions.php.
10982 CVE-2012-4581 287 2012-08-22 2012-08-22
6.8
None Remote Medium Not required Partial Partial Partial
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, does not disable the server-side session token upon the closing of the Management Console/Dashboard, which makes it easier for remote attackers to hijack sessions by capturing a session cookie and then modifying the response to a login attempt, related to a "Logout Failure" issue.
10983 CVE-2012-4568 352 CSRF 2017-10-23 2017-11-14
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS (formerly MyDMS) before 3.3.8 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.
10984 CVE-2012-4566 264 Bypass 2012-11-19 2012-11-20
6.4
None Remote Low Not required Partial Partial None
The DTLS support in radsecproxy before 1.6.2 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the certificate chain, which might allow remote attackers to bypass intended access restrictions and spoof clients, a different vulnerability than CVE-2012-4523.
10985 CVE-2012-4564 DoS Exec Code Overflow 2012-11-11 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow.
10986 CVE-2012-4559 399 DoS Exec Code 2012-11-30 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple double free vulnerabilities in the (1) agent_sign_data function in agent.c, (2) channel_request function in channels.c, (3) ssh_userauth_pubkey function in auth.c, (4) sftp_parse_attr_3 function in sftp.c, and (5) try_publickey_from_file function in keyfiles.c in libssh before 0.5.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
10987 CVE-2012-4553 264 Exec Code +Info 2012-11-11 2012-11-12
6.8
None Remote Medium Not required Partial Partial Partial
Drupal 7.x before 7.16 allows remote attackers to obtain sensitive information and possibly re-install Drupal and execute arbitrary PHP code via an external database server, related to "transient conditions."
10988 CVE-2012-4552 119 Exec Code Overflow 2012-11-18 2013-06-25
6.8
None Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file.
10989 CVE-2012-4550 264 2013-01-04 2013-05-07
6.4
None Remote Low Not required Partial Partial None
JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) before 6.0.1, when using role-based authorization for Enterprise Java Beans (EJB) access, does not call the intended authorization modules, which prevents JACC permissions from being applied and allows remote attackers to obtain access to the EJB.
10990 CVE-2012-4548 Exec Code 2012-11-11 2017-08-28
6.0
None Remote Medium Single system Partial Partial Partial
Argument injection vulnerability in syntax-highlighting.sh in cgit 9.0.3 and earlier allows remote authenticated users with permissions to add files to execute arbitrary commands via the --plug-in argument to the highlight command.
10991 CVE-2012-4540 189 DoS Exec Code Overflow +Info 2012-11-11 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Off-by-one error in the invoke function in IcedTeaScriptablePluginObject.cc in IcedTea-Web 1.1.x before 1.1.7, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.x before 1.4.1 allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly execute arbitrary code via a crafted webpage that triggers a heap-based buffer overflow, related to an error message and a "triggering event attached to applet." NOTE: the 1.4.x versions were originally associated with CVE-2013-4349, but that entry has been MERGED with this one.
10992 CVE-2012-4527 119 DoS Exec Code Overflow 2012-11-21 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long file name. NOTE: it is not clear whether this is a vulnerability.
10993 CVE-2012-4523 264 Bypass 2012-11-19 2013-01-29
6.4
None Remote Low Not required Partial Partial None
radsecproxy before 1.6.1 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the certificate chain, which might allow remote attackers to bypass intended access restrictions and spoof clients.
10994 CVE-2012-4520 20 2012-11-18 2013-05-03
6.4
None Remote Low Not required Partial Partial None
The django.http.HttpRequest.get_host function in Django 1.3.x before 1.3.4 and 1.4.x before 1.4.2 allows remote attackers to generate and display arbitrary URLs via crafted username and password Host header values.
10995 CVE-2012-4515 399 DoS Exec Code 2012-11-11 2012-11-12
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated.
10996 CVE-2012-4513 119 DoS Overflow 2012-11-11 2012-11-12
6.4
None Remote Low Not required Partial None Partial
khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read.
10997 CVE-2012-4486 352 CSRF 2012-11-02 2012-11-06
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the Subuser module before 6.x-1.8 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that switch the user to a subuser via unspecified vectors.
10998 CVE-2012-4478 352 CSRF 2012-11-30 2012-12-03
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to hijack the authentication of administrators.
10999 CVE-2012-4467 399 DoS +Info 2012-10-10 2013-01-29
6.6
None Local Low Not required Complete None Complete
The (1) do_siocgstamp and (2) do_siocgstampns functions in net/socket.c in the Linux kernel before 3.5.4 use an incorrect argument order, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (system crash) via a crafted ioctl call.
11000 CVE-2012-4465 119 DoS Exec Code Overflow 2012-10-10 2013-01-29
6.5
None Remote Low Single system Partial Partial Partial
Heap-based buffer overflow in the substr function in parsing.c in cgit 0.9.0.3 and earlier allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via an empty username in the "Author" field in a commit.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.