CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In July 2012 (CVSS score >= 7)

CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
51 CVE-2012-3635 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
52 CVE-2012-3634 119 DoS Exec Code Overflow Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
53 CVE-2012-3633 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
54 CVE-2012-3631 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
55 CVE-2012-3630 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
56 CVE-2012-3629 119 DoS Exec Code Overflow Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
57 CVE-2012-3628 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
58 CVE-2012-3627 119 DoS Exec Code Overflow Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
59 CVE-2012-3626 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
60 CVE-2012-3625 119 DoS Exec Code Overflow Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
61 CVE-2012-3620 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
62 CVE-2012-3618 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
63 CVE-2012-3615 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
64 CVE-2012-3611 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
65 CVE-2012-3610 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
66 CVE-2012-3609 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
67 CVE-2012-3608 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
68 CVE-2012-3605 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
69 CVE-2012-3604 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
70 CVE-2012-3603 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
71 CVE-2012-3600 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
72 CVE-2012-3599 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
73 CVE-2012-3597 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
74 CVE-2012-3596 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
75 CVE-2012-3595 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
76 CVE-2012-3594 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
77 CVE-2012-3593 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
78 CVE-2012-3592 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
79 CVE-2012-3591 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
80 CVE-2012-3590 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
8.8
 None Remote Medium Not required Complete Complete None
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
81 CVE-2012-3589 DoS Exec Code Mem. Corr. 2012-07-25 2012-09-22
9.3
 None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
82 CVE-2012-3585 119 Exec Code Overflow 2012-07-05 2012-07-17
9.3
 None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in jpeg_ls.dll in the Jpeg_LS (aka JLS) plugin in the formats plugins in IrfanView PlugIns before 4.34 allows remote attackers to execute arbitrary code via a crafted JLS file.
83 CVE-2012-3399 20 1 Exec Code 2012-07-12 2017-08-29
7.5
 None Remote Low Not required Partial Partial Partial
Config/diff.php in Basilic 1.5.14 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter.
84 CVE-2012-3376 310 2012-07-12 2017-03-24
7.5
 None Remote Low Not required Partial Partial Partial
DataNodes in Apache Hadoop 2.0.0 alpha does not check the BlockTokens of clients when Kerberos is enabled and the DataNode has checked out the same BlockPool twice from a NodeName, which might allow remote clients to read arbitrary blocks, write to blocks to which they only have read access, and have other unspecified impacts.
85 CVE-2012-3374 119 Exec Code Overflow 2012-07-07 2017-12-01
7.5
 None Remote Low Not required Partial Partial Partial
Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message.
86 CVE-2012-3366 78 Exec Code 2012-07-03 2017-08-29
9.0
 None Remote Low ??? Complete Complete Complete
The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers with root access to the client to execute arbitrary commands via shell metacharacters in the UUID field to the server process (bcfg2-server).
87 CVE-2012-3358 119 DoS Exec Code Overflow 2012-07-18 2020-09-09
10.0
 None Remote Low Not required Complete Complete Complete
Multiple heap-based buffer overflows in the j2k_read_sot function in j2k.c in OpenJPEG 1.5 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted (1) tile number or (2) tile length in a JPEG 2000 image file.
88 CVE-2012-3241 264 Exec Code 2012-07-17 2012-07-18
7.5
 None Remote Low Not required Partial Partial Partial
The VMware Broker in Eucalyptus 2.0.3 and 3.0.x before 3.0.2 does not properly authenticate SOAP requests, which allows remote attackers to execute arbitrary VMware Broker API commands.
89 CVE-2012-3240 264 +Priv 2012-07-17 2012-07-18
7.5
 None Remote Low Not required Partial Partial Partial
The Walrus service in Eucalyptus 2.0.3 and 3.0.x before 3.0.2 allows remote attackers to gain administrator privileges via a crafted REST request.
90 CVE-2012-3135 2012-07-17 2017-12-01
10.0
 None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware 28.2.3 and before, and 27.7.2 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
91 CVE-2012-3125 2012-07-17 2017-08-29
7.1
 None Remote Medium Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows remote attackers to affect availability, related to TCP/IP.
92 CVE-2012-3120 2012-07-17 2017-08-29
7.8
 None Remote Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 8 allows remote attackers to affect availability, related to TCP/IP.
93 CVE-2012-3076 78 Exec Code 2012-07-12 2012-07-12
9.0
 None Remote Low ??? Complete Complete Complete
The administrative web interface on Cisco TelePresence Recording Server before 1.8.0 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Bug ID CSCth85804.
94 CVE-2012-3075 78 Exec Code 2012-07-12 2012-07-12
9.0
 None Remote Low ??? Complete Complete Complete
The administrative web interface on Cisco TelePresence Immersive Endpoint Devices before 1.7.4 allows remote authenticated users to execute arbitrary commands via a malformed request on TCP port 443, aka Bug ID CSCtn99724.
95 CVE-2012-3074 78 Exec Code 2012-07-12 2018-10-30
8.3
 None Local Network Low Not required Complete Complete Complete
An unspecified API on Cisco TelePresence Immersive Endpoint Devices before 1.9.1 allows remote attackers to execute arbitrary commands by leveraging certain adjacency and sending a malformed request on TCP port 61460, aka Bug ID CSCtz38382.
96 CVE-2012-3073 DoS 2012-07-12 2018-10-30
7.8
 None Remote Low Not required None None Complete
The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to cause a denial of service (networking outage or process crash) via (1) malformed IP packets, (2) a high rate of TCP connection requests, or (3) a high rate of TCP connection terminations, aka Bug IDs CSCti21830, CSCti21851, CSCtj19100, CSCtj19086, CSCtj19078, CSCty11219, CSCty11299, CSCty11323, and CSCty11338.
97 CVE-2012-3017 119 DoS Overflow 2012-07-31 2020-04-13
7.8
 None Remote Low Not required None None Complete
Siemens SIMATIC S7-400 PN CPU devices with firmware 5.x allow remote attackers to cause a denial of service (defect-mode transition and service outage) via (1) malformed HTTP traffic or (2) malformed IP packets.
98 CVE-2012-3016 DoS 2012-07-31 2020-04-13
7.8
 None Remote Low Not required None None Complete
Siemens SIMATIC S7-400 PN CPU devices with firmware 6 before 6.0.3 allow remote attackers to cause a denial of service (defect-mode transition and service outage) via crafted ICMP packets.
99 CVE-2012-3008 119 Exec Code Overflow 2012-07-20 2017-12-22
8.5
 None Remote Medium ??? Complete Complete Complete
Stack-based buffer overflow in OSIsoft PI OPC DA Interface before 2.3.20.9 allows remote authenticated users to execute arbitrary code by sending packet data during the processing of messages associated with OPC items.
100 CVE-2012-2976 78 Exec Code 2012-07-23 2017-12-22
10.0
 None Remote Low Not required Complete Complete Complete
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary shell commands via crafted input to application scripts, related to an "injection" issue.
Total number of vulnerabilities : 164   Page : 1 2 (This Page)3 4
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.