CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
11701 CVE-2012-1735 2012-07-17 2017-08-28
6.8
None Remote Low Single system None None Complete
Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
11702 CVE-2012-1731 2012-07-17 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web UI.
11703 CVE-2012-1726 2012-06-16 2017-09-18
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
11704 CVE-2012-1703 2012-05-03 2017-12-06
6.8
None Remote Low Single system None None Complete
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1690.
11705 CVE-2012-1694 2012-05-03 2017-12-06
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect confidentiality and integrity, related to libsasl.
11706 CVE-2012-1691 2012-05-03 2017-12-06
6.6
None Local Medium Single system Complete Complete Complete
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel/Privileges.
11707 CVE-2012-1666 +Priv 2012-09-08 2012-09-10
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory.
11708 CVE-2012-1656 89 Exec Code Sql 2012-09-18 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in the Multisite Search module 6.x-2.2 for Drupal allows remote authenticated users with certain permissions to execute arbitrary SQL commands via the Site table prefix field.
11709 CVE-2012-1650 264 Bypass 2012-08-28 2017-08-28
6.0
None Remote Medium Single system Partial Partial Partial
The ZipCart module 6.x before 6.x-1.4 for Drupal checks the "access content" permission instead of the "access ZipCart downloads" permission when building archives, which allows remote authenticated users with access content permission to bypass intended access restrictions.
11710 CVE-2012-1641 264 Exec Code 2012-08-28 2012-08-29
6.0
None Remote Medium Single system Partial Partial Partial
The finder_import function in the Finder module 6.x-1.x before 6.x-1.26, 7.x-1.x, and 7.x-2.x before 7.x-2.0-alpha8 for Drupal allows remote authenticated users with the administer finder permission to execute arbitrary PHP code via admin/build/finder/import.
11711 CVE-2012-1638 89 Exec Code Sql 2012-09-19 2012-09-21
6.0
None Remote Medium Single system Partial Partial Partial
SQL injection vulnerability in the Search Autocomplete module before 7.x-2.1 for Drupal allows remote authenticated users with the "use search_autocomplete" permission to execute arbitrary SQL commands via unspecified vectors.
11712 CVE-2012-1635 264 Bypass +Info 2012-08-28 2012-08-29
6.4
None Remote Low Not required Partial Partial None
The hook_node_access function in the revisioning module 7.x-1.x before 7.x-1.3 for Drupal checks the permissions of the current user even when it is called to check permissions of other users, which allows remote attackers to bypass intended access restrictions, as demonstrated when using the XML sitemap module to obtain sensitive information about unpublished content.
11713 CVE-2012-1633 352 CSRF 2012-09-19 2017-04-28
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the Password Policy module before 6.x-1.4 and 7.x-1.0 beta3 for Drupal allows remote attackers to hijack the authentication of administrative users for requests that unblock a user.
11714 CVE-2012-1631 352 CSRF 2012-09-19 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the Admin:hover module for Drupal allows remote attackers to hijack the authentication of administrators for requests that unpublish all nodes, and possibly other actions, via unspecified vectors.
11715 CVE-2012-1626 89 Exec Code Sql 2012-09-19 2017-08-28
6.0
None Remote Medium Single system Partial Partial Partial
SQL injection vulnerability in the conversion form for Events in the Date module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer Date Tools" privilege to execute arbitrary SQL commands via unspecified vectors.
11716 CVE-2012-1625 94 Exec Code 2012-09-19 2012-09-20
6.0
None Remote Medium Single system Partial Partial Partial
Eval injection vulnerability in the fillpdf_form_export_decode function in fillpdf.admin.inc in the Fill PDF module 6.x-1.x before 6.x-1.16 and 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with administer PDFs privileges to execute arbitrary PHP code via unspecified vectors. NOTE: Some of these details are obtained from third party information.
11717 CVE-2012-1617 22 Dir. Trav. 2012-09-25 2017-08-28
6.4
None Remote Low Not required Partial Partial None
Directory traversal vulnerability in combine.php in OSClass before 2.3.6 allows remote attackers to read and write arbitrary files via a .. (dot dot) in the type parameter. NOTE: this vulnerability can be leveraged to upload arbitrary files.
11718 CVE-2012-1580 352 CSRF 2012-09-09 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Special:Upload in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allows remote attackers to hijack the authentication of unspecified victims for requests that upload files.
11719 CVE-2012-1578 352 CSRF 2012-09-09 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allow remote attackers to hijack the authentication of users with the block permission for requests that (1) block a user via a request to the Block module or (2) unblock a user via a request to the Unblock module.
11720 CVE-2012-1576 264 DoS 2012-10-01 2013-04-04
6.0
None Remote Medium Single system Partial Partial Partial
The myuser_delete function in libathemecore/account.c in Atheme 5.x before 5.2.7, 6.x before 6.0.10, and 7.x before 7.0.0-beta2 does not properly clean up CertFP entries when a user is deleted, which allows remote attackers to access a different user account or cause a denial of service (daemon crash) via a login as a deleted user.
11721 CVE-2012-1574 310 2012-04-12 2017-03-23
6.5
None Remote Low Single system Partial Partial Partial
The Kerberos/MapReduce security functionality in Apache Hadoop 0.20.203.0 through 0.20.205.0, 0.23.x before 0.23.2, and 1.0.x before 1.0.2, as used in Cloudera CDH CDH3u0 through CDH3u2, Cloudera hadoop-0.20-sbin before 0.20.2+923.197, and other products, allows remote authenticated users to impersonate arbitrary cluster user accounts via unspecified vectors.
11722 CVE-2012-1570 2012-03-28 2017-12-12
6.4
None Remote Low Not required None Partial Partial
The resolver in MaraDNS before 1.3.0.7.15 and 1.4.x before 1.4.12 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
11723 CVE-2012-1514 352 CSRF 2012-03-16 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in VMware vShield Manager (vSM) 1.0.1 before Update 2 and 4.1.0 before Update 2 allows remote attackers to hijack the authentication of arbitrary users.
11724 CVE-2012-1506 89 Exec Code Sql 2014-09-17 2017-08-28
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in the updateStatus function in lib/models/benefits/Hsp.php in OrangeHRM before 2.7 allows remote authenticated users to execute arbitrary SQL commands via the hspSummaryId parameter to plugins/ajaxCalls/haltResumeHsp.php. NOTE: some of these details are obtained from third party information.
11725 CVE-2012-1472 20 DoS 2012-03-12 2012-03-13
6.4
None Remote Low Not required Partial None Partial
VMware vCenter Chargeback Manager (aka CBM) before 2.0.1 does not properly handle XML API requests, which allows remote attackers to read arbitrary files or cause a denial of service via unspecified vectors.
11726 CVE-2012-1468 Exec Code 2012-09-06 2012-09-07
6.0
None Remote Medium Single system Partial Partial Partial
Incomplete blacklist vulnerability in Open Journal Systems before 2.3.7 allows remote authenticated users with the Author Role permission to execute arbitrary code by uploading a file with an executable extension that is not ".php", then accessing it via a direct request to the file in submission/original/ in the associated article directory, as demonstrated using .pHp, .asp, and other extensions.
11727 CVE-2012-1467 22 Dir. Trav. 2012-09-06 2012-09-13
6.5
None Remote Low Single system Partial Partial Partial
Multiple directory traversal vulnerabilities in the iBrowser plugin library, as used in Open Journal Systems before 2.3.7, allow remote authenticated users to (1) delete or (2) rename arbitrary files via a .. (dot dot) in the param parameter to lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/scripts/rfiles.php.
11728 CVE-2012-1366 20 DoS 2014-04-23 2014-04-23
6.1
None Local Network Low Not required None None Complete
Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544.
11729 CVE-2012-1338 362 DoS 2012-08-06 2013-04-01
6.3
None Remote Medium Single system None None Complete
Cisco IOS 15.0 and 15.1 on Catalyst 3560 and 3750 series switches allows remote authenticated users to cause a denial of service (device reload) by completing local web authentication quickly, aka Bug ID CSCts88664.
11730 CVE-2012-1327 284 DoS 2012-05-03 2017-12-06
6.1
None Local Network Low Not required None None Complete
dot11t/t_if_dot11_hal_ath.c in Cisco IOS 12.3, 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (assertion failure and reboot) via 802.11 wireless traffic, as demonstrated by a video call from Apple iOS 5.0 on an iPhone 4S, aka Bug ID CSCtt94391.
11731 CVE-2012-1313 264 +Priv 2013-09-27 2016-11-04
6.5
None Local Low Multiple systems Complete Complete Complete
The remote debug shell on the PALO adapter card in Cisco Unified Computing System (UCS) allows local users to gain privileges via malformed show-macstats parameters, aka Bug ID CSCub13772.
11732 CVE-2012-1242 +Priv 2012-04-27 2017-12-13
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory.
11733 CVE-2012-1237 352 CSRF 2012-04-06 2012-11-19
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in SENCHA SNS before 1.0.2 allows remote attackers to hijack the authentication of arbitrary users.
11734 CVE-2012-1236 352 Exec Code CSRF 2012-03-19 2012-06-08
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in Janetter before 3.3.0.0 (aka 3.3.0) allow remote attackers to hijack the authentication of arbitrary users for requests that (1) tweet, (2) upload an image file, or (3) execute arbitrary commands.
11735 CVE-2012-1235 352 CSRF 2012-02-21 2012-02-23
6.0
None Remote Medium Single system Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0235.
11736 CVE-2012-1234 89 Exec Code Sql 2012-02-21 2012-02-23
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to execute arbitrary SQL commands via a malformed URL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0234.
11737 CVE-2012-1194 2012-02-17 2012-02-20
6.4
None Remote Low Not required None Partial Partial
The resolver in the DNS Server service in Microsoft Windows Server 2008 before R2 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
11738 CVE-2012-1193 2012-02-17 2013-12-12
6.4
None Remote Low Not required None Partial Partial
The resolver in PowerDNS Recursor (aka pdns_recursor) 3.3 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
11739 CVE-2012-1192 2012-02-17 2012-02-20
6.4
None Remote Low Not required None Partial Partial
The resolver in Unbound before 1.4.11 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
11740 CVE-2012-1191 20 2012-02-17 2012-02-20
6.4
None Remote Low Not required None Partial Partial
The resolver in dnscache in Daniel J. Bernstein djbdns 1.05 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
11741 CVE-2012-1175 189 DoS Exec Code Overflow 2012-08-26 2012-08-27
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the GnashImage::size method in libbase/GnashImage.h in GNU Gnash 0.8.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SWF file, which triggers a heap-based buffer overflow.
11742 CVE-2012-1173 189 Exec Code Overflow 2012-06-04 2018-01-17
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTileSeparate or (2) gtStripSeparate function, leading to a heap-based buffer overflow.
11743 CVE-2012-1163 189 Exec Code Overflow +Info 2012-07-12 2012-07-16
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to execute arbitrary code via the size and offset values for the central directory in a zip archive, which triggers "improper restrictions of operations within the bounds of a memory buffer" and an information leak.
11744 CVE-2012-1119 264 2012-06-29 2013-08-26
6.4
None Remote Low Not required None Partial Partial
MantisBT before 1.2.9 does not audit when users copy or clone a bug report, which makes it easier for remote attackers to copy bug reports without detection.
11745 CVE-2012-1112 22 Dir. Trav. 2012-09-06 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in Open-Realty CMS 2.5.8 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the select_users_template parameter to index.php.
11746 CVE-2012-1083 352 CSRF 2012-02-14 2012-02-29
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the Terminal PHP Shell (terminal) extension 0.3.2 and earlier for TYPO3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
11747 CVE-2012-1079 Exec Code 2012-02-14 2017-08-28
6.5
None Remote Low Single system Partial Partial Partial
Unspecified vulnerability in the Webservices for TYPO3 (typo3_webservice) extension before 0.3.8 for TYPO3 allows remote authenticated users to execute arbitrary code via unknown vectors.
11748 CVE-2012-1057 352 CSRF 2012-02-13 2017-08-28
6.0
None Remote Medium Single system Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the clickthrough tracking functionality in the Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of administrators for requests that increase node rankings via the tracking code, possibly related to improper "flood control."
11749 CVE-2012-1055 119 Exec Code Overflow 2012-02-13 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in PhotoLine 17.01 and possibly other versions before 17.02 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.
11750 CVE-2012-1053 264 +Priv 2012-05-29 2019-07-11
6.9
None Local Medium Not required Complete Complete Complete
The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors related to (1) the change_user not dropping supplementary groups in certain conditions, (2) changes to the eguid without associated changes to the egid, or (3) the addition of the real gid to supplementary groups.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.