# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
11351 |
CVE-2012-3724 |
200 |
|
+Info |
2012-09-20 |
2017-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
CFNetwork in Apple iOS before 6 does not properly identify the host portion of a URL, which allows remote attackers to obtain sensitive information by leveraging the construction of an HTTP request with an incorrect hostname derived from a malformed URL. |
11352 |
CVE-2012-3721 |
287 |
|
|
2012-09-20 |
2017-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Profile Manager in Apple Mac OS X before 10.7.5 does not properly perform authentication for the Device Management private interface, which allows attackers to enumerate managed devices via unspecified vectors. |
11353 |
CVE-2012-3698 |
264 |
|
|
2012-07-26 |
2012-07-31 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Apple Xcode before 4.4 does not properly compose a designated requirement (DR) during signing of programs that lack bundle identifiers, which allows remote attackers to read keychain entries via a crafted app, as demonstrated by the keychain entries of a (1) helper tool or (2) command-line tool. |
11354 |
CVE-2012-3693 |
|
|
|
2012-07-25 |
2012-09-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
Incomplete blacklist vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, by leveraging the availability of IDN support and Unicode fonts to construct unspecified homoglyphs. |
11355 |
CVE-2012-3691 |
20 |
|
Bypass |
2012-07-25 |
2012-09-21 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
WebKit in Apple Safari before 6.0 does not properly handle Cascading Style Sheets (CSS) property values, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. |
11356 |
CVE-2012-3689 |
20 |
|
Bypass |
2012-07-25 |
2012-07-30 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site. |
11357 |
CVE-2012-3588 |
22 |
1
|
Dir. Trav. |
2012-06-19 |
2017-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Directory traversal vulnerability in preview.php in the Plugin Newsletter plugin 1.5 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the data parameter. |
11358 |
CVE-2012-3570 |
119 |
|
DoS Overflow |
2012-07-25 |
2016-11-28 |
5.7 |
None |
Local Network |
Medium |
Not required |
None |
None |
Complete |
Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service (segmentation fault and daemon exit) via a crafted client identifier parameter. |
11359 |
CVE-2012-3568 |
|
|
DoS |
2012-06-14 |
2017-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via crafted WebGL content, as demonstrated by a codeflow.org WebGL demo. |
11360 |
CVE-2012-3567 |
|
|
DoS |
2012-06-14 |
2017-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Opera before 12.00 Beta allows remote attackers to cause a denial of service (memory consumption or application hang) via an IFRAME element that uses the src="#" syntax to embed a parent document. |
11361 |
CVE-2012-3565 |
|
|
DoS |
2012-06-14 |
2017-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via crafted characters in domain names, as demonstrated by "IDNA2008 tests." |
11362 |
CVE-2012-3564 |
|
|
DoS Overflow |
2012-06-14 |
2017-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Opera before 12.00 Beta allows remote attackers to cause a denial of service (application hang) via an absolutely positioned wrap=off TEXTAREA element located next to an "overflow: auto" block element. |
11363 |
CVE-2012-3563 |
|
|
DoS |
2012-06-14 |
2017-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via a web page that contains invalid character encodings. |
11364 |
CVE-2012-3557 |
264 |
|
+Info |
2012-06-14 |
2012-06-15 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Opera before 11.65 does not properly restrict the reading of JSON strings, which allows remote attackers to perform cross-domain loading of JSON resources and consequently obtain sensitive information via a crafted web site. |
11365 |
CVE-2012-3552 |
362 |
|
DoS |
2012-10-03 |
2013-10-11 |
5.4 |
None |
Remote |
High |
Not required |
None |
None |
Complete |
Race condition in the IP implementation in the Linux kernel before 3.0 might allow remote attackers to cause a denial of service (slab corruption and system crash) by sending packets to an application that sets socket options during the handling of network traffic. |
11366 |
CVE-2012-3544 |
20 |
|
DoS |
2013-06-01 |
2018-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data. |
11367 |
CVE-2012-3540 |
20 |
|
|
2012-09-05 |
2017-08-28 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
Open redirect vulnerability in views/auth_forms.py in OpenStack Dashboard (Horizon) Essex (2012.1) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/. NOTE: this issue was originally assigned CVE-2012-3542 by mistake. |
11368 |
CVE-2012-3534 |
119 |
|
DoS Overflow |
2012-08-31 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
GNU Gatekeeper before 3.1 does not limit the number of connections to the status port, which allows remote attackers to cause a denial of service (connection and thread consumption) via a large number of connections. |
11369 |
CVE-2012-3533 |
310 |
|
|
2012-08-31 |
2017-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
The python SDK before 3.1.0.6 and CLI before 3.1.0.8 for oVirt 3.1 does not check the server SSL certificate against the client keys, which allows remote attackers to spoof a server via a man-in-the-middle (MITM) attack. |
11370 |
CVE-2012-3526 |
|
|
DoS |
2012-09-05 |
2017-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote attackers to cause a denial of service (server or application crash) via multiple X-Forwarded-For headers in a request. |
11371 |
CVE-2012-3525 |
20 |
|
|
2012-08-25 |
2013-06-14 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a (1) Verify Response or (2) Authorization Response. |
11372 |
CVE-2012-3521 |
22 |
|
Dir. Trav. |
2014-06-13 |
2014-06-13 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Multiple directory traversal vulnerabilities in the cssgen contrib module in GeSHi before 1.0.8.11 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) geshi-path or (2) geshi-lang-path parameter. |
11373 |
CVE-2012-3519 |
200 |
|
+Info |
2012-08-25 |
2013-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information about relay selection via a timing side-channel attack. |
11374 |
CVE-2012-3518 |
119 |
|
DoS Overflow |
2012-08-25 |
2013-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted (1) vote document or (2) consensus document. |
11375 |
CVE-2012-3517 |
399 |
|
DoS |
2012-08-25 |
2013-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might allow remote attackers to cause a denial of service (daemon crash) via vectors related to failed DNS requests. |
11376 |
CVE-2012-3514 |
310 |
|
DoS |
2012-08-25 |
2014-02-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
OCaml Xml-Light Library before r234 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via unspecified vectors. |
11377 |
CVE-2012-3510 |
399 |
|
DoS +Info |
2012-10-03 |
2013-04-18 |
5.6 |
None |
Local |
Low |
Not required |
Partial |
None |
Complete |
Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service (system crash) via a taskstats TASKSTATS_CMD_ATTR_PID command. |
11378 |
CVE-2012-3509 |
189 |
|
DoS Overflow |
2012-09-05 |
2017-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service (crash) via vectors related to the "addition of CHUNK_HEADER_SIZE to the length," which triggers a heap-based buffer overflow. |
11379 |
CVE-2012-3505 |
310 |
|
DoS |
2012-10-09 |
2013-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Tinyproxy 1.8.3 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via (1) a large number of headers or (2) a large number of forged headers that trigger hash collisions predictably. bucket. |
11380 |
CVE-2012-3501 |
119 |
|
DoS Overflow |
2012-08-25 |
2012-08-27 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The squidclamav_check_preview_handler function in squidclamav.c in SquidClamav 5.x before 5.8 and 6.x before 6.7 passes an unescaped URL to a system command call, which allows remote attackers to cause a denial of service (daemon crash) via a URL with certain characters, as demonstrated using %0D or %0A. |
11381 |
CVE-2012-3498 |
20 |
|
DoS |
2012-11-23 |
2017-08-28 |
5.6 |
None |
Local |
Low |
Not required |
Partial |
None |
Complete |
PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and earlier allows local HVM guest OS kernels to cause a denial of service (host crash) and possibly read hypervisor or guest memory via vectors related to a missing range check of map->index. |
11382 |
CVE-2012-3493 |
200 |
|
+Info |
2012-09-28 |
2012-10-03 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId. |
11383 |
CVE-2012-3482 |
|
|
DoS +Info |
2012-12-21 |
2013-04-04 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
None |
Partial |
Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to (1) cause a denial of service (crash and delayed delivery of inbound mail) via a crafted NTLM response that triggers an out-of-bounds read in the base64 decoder, or (2) obtain sensitive information from memory via an NTLM Type 2 message with a crafted Target Name structure, which triggers an out-of-bounds read. |
11384 |
CVE-2012-3474 |
200 |
|
+Info |
2012-08-12 |
2012-08-13 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
The comments API in application/libraries/api/MY_Comments_Api_Object.php in the Ushahidi Platform before 2.5 allows remote attackers to obtain sensitive information about the e-mail address, IP address, and other attributes of the author of a comment via an API function call. |
11385 |
CVE-2012-3467 |
287 |
|
Bypass |
2012-08-27 |
2017-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote attackers to bypass authentication. |
11386 |
CVE-2012-3446 |
20 |
|
|
2012-11-04 |
2012-11-06 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
Apache Libcloud before 0.11.1 uses an incorrect regular expression during verification of whether the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate. |
11387 |
CVE-2012-3444 |
119 |
|
DoS Overflow |
2012-07-31 |
2013-04-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The get_image_dimensions function in the image-handling functionality in Django before 1.3.2 and 1.4.x before 1.4.1 uses a constant chunk size in all attempts to determine dimensions, which allows remote attackers to cause a denial of service (process or thread consumption) via a large TIFF image. |
11388 |
CVE-2012-3443 |
20 |
|
DoS |
2012-07-31 |
2013-04-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The django.forms.ImageField class in the form system in Django before 1.3.2 and 1.4.x before 1.4.1 completely decompresses image data during image validation, which allows remote attackers to cause a denial of service (memory consumption) by uploading an image file. |
11389 |
CVE-2012-3440 |
59 |
|
|
2012-08-08 |
2016-11-28 |
5.6 |
None |
Local |
High |
Not required |
None |
Complete |
Complete |
A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file. |
11390 |
CVE-2012-3436 |
20 |
|
DoS |
2012-10-09 |
2017-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to clear a water tile, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a certain sequence of steps related to "the water/coast aspect of tiles which also have railtracks on one half." |
11391 |
CVE-2012-3429 |
20 |
|
DoS |
2012-08-07 |
2017-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The dns_to_ldap_dn_escape function in src/ldap_convert.c in bind-dyndb-ldap 1.1.0rc1 and earlier does not properly escape distinguished names (DN) for LDAP queries, which allows remote DNS servers to cause a denial of service (named service hang) via a "$" character in a DN in a DNS query. |
11392 |
CVE-2012-3424 |
287 |
|
DoS |
2012-08-08 |
2013-02-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging access to an application that uses a with_http_digest helper method, as demonstrated by the authenticate_or_request_with_http_digest method. |
11393 |
CVE-2012-3421 |
|
|
DoS |
2012-08-27 |
2013-02-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The pduread function in pdu.c in libpcp in Performance Co-Pilot (PCP) before 3.6.5 does not properly time out connections, which allows remote attackers to cause a denial of service (pmcd hang) by sending individual bytes of a PDU separately, related to an "event-driven programming flaw." |
11394 |
CVE-2012-3420 |
399 |
|
DoS |
2012-08-27 |
2013-02-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Multiple memory leaks in Performance Co-Pilot (PCP) before 3.6.5 allow remote attackers to cause a denial of service (memory consumption or daemon crash) via a large number of PDUs with (1) a crafted context number to the DoFetch function in pmcd/src/dofetch.c or (2) a negative type value to the __pmGetPDU function in libpcp/src/pdu.c. |
11395 |
CVE-2012-3419 |
200 |
|
+Info |
2012-08-27 |
2013-02-06 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Performance Co-Pilot (PCP) before 3.6.5 exports some of the /proc file system, which allows attackers to obtain sensitive information such as proc/pid/maps and command line arguments. |
11396 |
CVE-2012-3418 |
189 |
|
DoS Exec Code Overflow |
2012-08-27 |
2013-10-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
libpcp in Performance Co-Pilot (PCP) before 3.6.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a PDU with the numcreds field value greater than the number of actual elements to the __pmDecodeCreds function in p_creds.c; (2) the string byte number value to the __pmDecodeNameList function in p_pmns.c; (3) the numids value to the __pmDecodeIDList function in p_pmns.c; (4) unspecified vectors to the __pmDecodeProfile function in p_profile.c; the (5) status number value or (6) string number value to the __pmDecodeNameList function in p_pmns.c; (7) certain input to the __pmDecodeResult function in p_result.c; (8) the name length field (namelen) to the DecodeNameReq function in p_pmns.c; (9) a crafted PDU_FETCH request to the __pmDecodeFetch function in p_fetch.c; (10) the namelen field in the __pmDecodeInstanceReq function in p_instance.c; (11) the buflen field to the __pmDecodeText function in p_text.c; (12) PDU_INSTANCE packets to the __pmDecodeInstance in p_instance.c; or the (13) c_numpmid or (14) v_numval fields to the __pmDecodeLogControl function in p_lcontrol.c, which triggers integer overflows, heap-based buffer overflows, and/or buffer over-reads. |
11397 |
CVE-2012-3411 |
|
|
DoS |
2013-03-05 |
2013-12-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed DNS query. |
11398 |
CVE-2012-3405 |
189 |
|
DoS Bypass |
2014-02-10 |
2017-06-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (segmentation fault and crash) via a format string with a large number of format specifiers that triggers "desynchronization within the buffer size handling," a different vulnerability than CVE-2012-3404. |
11399 |
CVE-2012-3404 |
189 |
|
DoS Bypass |
2014-02-10 |
2017-06-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (stack corruption and crash) via a format string that uses positional parameters and many format specifiers. |
11400 |
CVE-2012-3394 |
200 |
|
+Info |
2012-07-23 |
2017-11-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
auth/ldap/ntlmsso_attempt.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2.4, and 2.3.x before 2.3.1 redirects users from an https LDAP login URL to an http URL, which allows remote attackers to obtain sensitive information by sniffing the network. |