CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2012

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
4951 CVE-2011-2777 264 +Priv 2012-08-29 2012-12-20
4.4
None Local Medium Not required Partial Partial Partial
samples/powerbtn/powerbtn.sh in acpid (aka acpid2) 2.0.16 and earlier uses the pidof program incorrectly, which allows local users to gain privileges by running a program with the name kded4 and a DBUS_SESSION_BUS_ADDRESS environment variable containing commands.
4952 CVE-2011-2776 119 Exec Code Overflow 2012-01-13 2017-08-29
4.4
None Local Medium Not required Partial Partial Partial
Buffer overflow in the Error function in super.c in Super 3.30.0 might allow local users to execute arbitrary code via vectors related to syslog logging. NOTE: some of these details are obtained from third party information.
4953 CVE-2011-2732 94 Http R.Spl. 2012-12-05 2012-12-06
4.3
None Remote Medium Not required None Partial None
CRLF injection vulnerability in the logout functionality in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the spring-security-redirect parameter.
4954 CVE-2011-2731 362 +Priv 2012-12-05 2013-10-24
5.1
None Remote High Not required Partial Partial Partial
Race condition in the RunAsManager mechanism in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 stores the Authentication object in the shared security context, which allows attackers to gain privileges via a crafted thread.
4955 CVE-2011-2730 16 +Info 2012-12-05 2017-08-09
7.5
None Remote Low Not required Partial Partial Partial
VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via a (1) name attribute in a (a) spring:hasBindErrors tag; (2) path attribute in a (b) spring:bind or (c) spring:nestedpath tag; (3) arguments, (4) code, (5) text, (6) var, (7) scope, or (8) message attribute in a (d) spring:message or (e) spring:theme tag; or (9) var, (10) scope, or (11) value attribute in a (f) spring:transform tag, aka "Expression Language Injection."
4956 CVE-2011-2728 DoS 2012-12-21 2013-01-29
4.3
None Remote Medium Not required None None Partial
The bsd_glob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service (crash) via a glob expression with the GLOB_ALTDIRFUNC flag, which triggers an uninitialized pointer dereference.
4957 CVE-2011-2722 59 2012-05-25 2013-10-11
1.2
None Local High Not required None Partial None
The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file.
4958 CVE-2011-2716 20 Exec Code 2012-07-03 2020-08-27
6.8
None Local Network High Not required Complete Complete Complete
The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options.
4959 CVE-2011-2709 264 Exec Code 2012-06-21 2013-03-02
6.2
None Local High Not required Complete Complete Complete
libgssapi and libgssglue before 0.4 do not properly check privileges, which allows local users to load untrusted configuration files and execute arbitrary code via the GSSAPI_MECH_CONF environment variable, as demonstrated using mount.nfs.
4960 CVE-2011-2707 200 +Info 2012-05-24 2020-08-06
3.6
None Local Low Not required Partial None Partial
The ptrace_setxregs function in arch/xtensa/kernel/ptrace.c in the Linux kernel before 3.1 does not validate user-space pointers, which allows local users to obtain sensitive information from kernel memory locations via a crafted PTRACE_SETXTREGS request.
4961 CVE-2011-2699 DoS 2012-05-24 2020-07-29
7.8
None Remote Low Not required None None Complete
The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets.
4962 CVE-2011-2658 264 Exec Code 2012-07-26 2012-07-27
6.8
None Remote Medium Not required Partial Partial Partial
The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote attackers to execute arbitrary code by leveraging unspecified mscomct2 flaws.
4963 CVE-2011-2657 22 1 Exec Code Dir. Trav. 2012-07-26 2012-07-27
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary commands via a pathname in the first argument.
4964 CVE-2011-2586 20 DoS 2012-05-02 2012-10-30
5.4
None Remote High Not required None None Complete
The HTTP client in Cisco IOS 12.4 and 15.0 allows user-assisted remote attackers to cause a denial of service (device crash) via a malformed HTTP response to a request for service installation, aka Bug ID CSCts12249.
4965 CVE-2011-2583 20 DoS 2012-05-02 2017-12-14
5.0
None Remote Low Not required None None Partial
Cisco Unified Contact Center Express (aka CCX) 8.0 and 8.5 allows remote attackers to cause a denial of service via network traffic, as demonstrated by an SEC-BE-STABLE test case, aka Bug ID CSCth33834.
4966 CVE-2011-2578 399 DoS 2012-05-02 2017-12-14
7.8
None Remote Low Not required None None Complete
Memory leak in Cisco IOS 15.1 and 15.2 allows remote attackers to cause a denial of service (memory consumption) via malformed SIP packets on a NAT interface, aka Bug ID CSCts12366.
4967 CVE-2011-2545 79 XSS 2012-06-13 2012-06-14
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the SIP implementation on the Cisco SPA8000 and SPA8800 before 6.1.11, SPA2102 and SPA3102 before 5.2.13, and SPA 500 series IP phones before 7.4.9 allows remote attackers to inject arbitrary web script or HTML via the FROM field of an INVITE message, aka Bug IDs CSCtr27277, CSCtr27256, CSCtr27274, and CSCtr14715.
4968 CVE-2011-2527 264 2012-06-21 2020-11-02
2.1
None Local Low Not required Partial None None
The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host.
4969 CVE-2011-2525 476 DoS 2012-02-02 2020-08-04
7.2
None Local Low Not required Complete Complete Complete
The qdisc_notify function in net/sched/sch_api.c in the Linux kernel before 2.6.35 does not prevent tc_fill_qdisc function calls referencing builtin (aka CQ_F_BUILTIN) Qdisc structures, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted call.
4970 CVE-2011-2521 189 DoS 2012-05-24 2020-07-28
4.9
None Local Low Not required None None Complete
The x86_assign_hw_event function in arch/x86/kernel/cpu/perf_event.c in the Performance Events subsystem in the Linux kernel before 2.6.39 does not properly calculate counter values, which allows local users to cause a denial of service (panic) via the perf program.
4971 CVE-2011-2518 20 DoS 2012-05-24 2020-07-26
4.9
None Local Low Not required None None Complete
The tomoyo_mount_acl function in security/tomoyo/mount.c in the Linux kernel before 2.6.39.2 calls the kern_path function with arguments taken directly from a mount system call, which allows local users to cause a denial of service (OOPS) or possibly have unspecified other impact via a NULL value for the device name.
4972 CVE-2011-2517 119 Overflow +Priv 2012-05-24 2020-07-28
7.2
None Local Low Not required Complete Complete Complete
Multiple buffer overflows in net/wireless/nl80211.c in the Linux kernel before 2.6.39.2 allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability during scan operations with a long SSID value.
4973 CVE-2011-2512 20 DoS Exec Code Bypass 2012-06-21 2016-12-08
5.8
None Local Network Low Not required Partial Partial Partial
The virtio_queue_notify in qemu-kvm 0.14.0 and earlier does not properly validate the virtqueue number, which allows guest users to cause a denial of service (guest crash) and possibly execute arbitrary code via a negative number in the Queue Notify field of the Virtio Header, which bypasses a signed comparison.
4974 CVE-2011-2503 20 +Priv 2012-07-26 2012-07-27
3.7
None Local High Not required Partial Partial Partial
The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization.
4975 CVE-2011-2502 20 +Priv 2012-07-26 2012-07-27
4.4
None Local Medium Not required Partial Partial Partial
runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument.
4976 CVE-2011-2496 189 DoS Overflow 2012-06-13 2012-06-28
4.9
None Local Low Not required None None Complete
Integer overflow in the vma_to_resize function in mm/mremap.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (BUG_ON and system crash) via a crafted mremap system call that expands a memory mapping.
4977 CVE-2011-2495 264 2012-06-13 2013-12-31
2.1
None Local Low Not required Partial None None
fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly restrict access to /proc/#####/io files, which allows local users to obtain sensitive I/O statistics by polling a file, as demonstrated by discovering the length of another user's password.
4978 CVE-2011-2494 200 +Info 2012-06-13 2017-12-29
2.1
None Local Low Not required Partial None None
kernel/taskstats.c in the Linux kernel before 3.1 allows local users to obtain sensitive I/O statistics by sending taskstats commands to a netlink socket, as demonstrated by discovering the length of another user's password.
4979 CVE-2011-2493 DoS 2012-06-13 2012-06-14
2.1
None Local Low Not required None None Partial
The ext4_fill_super function in fs/ext4/super.c in the Linux kernel before 2.6.39 does not properly initialize a certain error-report data structure, which allows local users to cause a denial of service (OOPS) by attempting to mount a crafted ext4 filesystem.
4980 CVE-2011-2486 264 Bypass 2012-11-19 2013-09-01
5.0
None Remote Low Not required None Partial None
nspluginwrapper before 1.4.4 does not properly provide access to NPNVprivateModeBool variable settings, which could prevent Firefox plugins from determining if they should run in Private Browsing mode and allow remote attackers to bypass intended access restrictions, as demonstrated using Flash.
4981 CVE-2011-2485 DoS 2012-07-03 2012-07-03
4.3
None Remote Medium Not required None None Partial
The gdk_pixbuf__gif_image_load function in gdk-pixbuf/io-gif.c in gdk-pixbuf before 2.23.5 does not properly handle certain return values, which allows remote attackers to cause a denial of service (memory consumption) via a crafted GIF image file.
4982 CVE-2011-2478 94 Exec Code 2012-04-17 2012-04-18
9.3
None Remote Medium Not required Complete Complete Complete
Google SketchUp before 8 does not properly handle edge geometry in SketchUp (aka .SKP) files, which allows remote attackers to execute arbitrary code via a crafted file.
4983 CVE-2011-2393 399 DoS 2012-02-02 2012-02-03
7.8
None Remote Low Not required None None Complete
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD, NetBSD, and possibly other BSD-based operating systems allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, a similar vulnerability to CVE-2010-4670.
4984 CVE-2011-2326 2012-01-18 2016-05-18
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the EnterpriseOne Tools component in Oracle JD Edwards 8.98 SP 24 allows remote authenticated users to affect confidentiality, related to Enterprise Infrastructure SEC (JDENET), a different vulnerability than CVE-2011-2325, CVE-2011-3509, and CVE-2011-3524.
4985 CVE-2011-2325 2012-01-18 2016-05-18
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the EnterpriseOne Tools component in Oracle JD Edwards 8.98 SP 24 allows remote authenticated users to affect confidentiality, related to Enterprise Infrastructure SEC (JDENET), a different vulnerability than CVE-2011-2326, CVE-2011-3509, and CVE-2011-3524.
4986 CVE-2011-2324 2012-01-18 2016-05-18
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the EnterpriseOne Tools component in Oracle JD Edwards 8.98 SP 24 allows remote attackers to affect availability, related to Enterprise Infrastructure SEC (JDENET).
4987 CVE-2011-2321 2012-01-18 2016-05-18
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the EnterpriseOne Tools component in Oracle JD Edwards 8.98 SP 24 allows remote authenticated users to affect confidentiality, related to Enterprise Infrastructure SEC (JDNET).
4988 CVE-2011-2317 2012-01-18 2016-05-18
4.0
None Remote Low ??? None Partial None
Unspecified vulnerability in the EnterpriseOne Tools component in Oracle JD Edwards 8.98 SP 24 allows remote authenticated users to affect integrity, related to Enterprise Infrastucture SEC (JDNET).
4989 CVE-2011-2271 2012-01-18 2012-01-19
3.5
None Remote Medium ??? None Partial None
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote authenticated users to affect integrity via unknown vectors related to Attachments / File Upload.
4990 CVE-2011-2262 2012-01-18 2019-12-17
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote attackers to affect availability via unknown vectors.
4991 CVE-2011-2212 119 DoS Overflow +Priv 2012-06-21 2020-11-02
7.4
None Local Network Medium ??? Complete Complete Complete
Buffer overflow in the virtio subsystem in qemu-kvm 0.14.0 and earlier allows privileged guest users to cause a denial of service (guest crash) or gain privileges via a crafted indirect descriptor related to "virtqueue in and out requests."
4992 CVE-2011-2211 264 +Priv 2012-06-13 2012-06-13
7.2
None Local Low Not required Complete Complete Complete
The osf_wait4 function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform uses an incorrect pointer, which allows local users to gain privileges by writing a certain integer value to kernel memory.
4993 CVE-2011-2210 264 +Info 2012-06-13 2012-06-13
2.1
None Local Low Not required Partial None None
The osf_getsysinfo function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform does not properly restrict the data size for GSI_GET_HWRPB operations, which allows local users to obtain sensitive information from kernel memory via a crafted call.
4994 CVE-2011-2209 189 +Info 2012-06-13 2012-06-13
2.1
None Local Low Not required None None Partial
Integer signedness error in the osf_sysinfo function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call.
4995 CVE-2011-2208 189 +Info 2012-06-13 2012-06-13
2.1
None Local Low Not required Partial None None
Integer signedness error in the osf_getdomainname function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call.
4996 CVE-2011-2203 264 DoS 2012-01-27 2012-03-19
2.1
None Local Low Not required None None Partial
The hfs_find_init function in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and Oops) by mounting an HFS file system with a malformed MDB extent record.
4997 CVE-2011-2199 119 DoS Exec Code Overflow 2012-07-22 2012-07-23
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in tftp-hpa before 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the utimeout option.
4998 CVE-2011-2183 362 DoS 2012-06-13 2012-06-14
4.0
None Local High Not required None None Complete
Race condition in the scan_get_next_rmap_item function in mm/ksm.c in the Linux kernel before 2.6.39.3, when Kernel SamePage Merging (KSM) is enabled, allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted application.
4999 CVE-2011-2182 119 Overflow +Priv +Info 2012-06-13 2016-12-08
7.2
None Local Low Not required Complete Complete Complete
The ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel before 2.6.39.1 does not properly handle memory allocation for non-initial fragments, which might allow local users to conduct buffer overflow attacks, and gain privileges or obtain sensitive information, via a crafted LDM partition table. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1017.
5000 CVE-2011-2085 352 CSRF 2012-06-04 2021-02-25
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in Best Practical Solutions RT before 3.8.12 and 4.x before 4.0.6 allow remote attackers to hijack the authentication of arbitrary users.
Total number of vulnerabilities : 5297   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 (This Page)101 102 103 104 105 106
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.