CVE-2012-6080

This is an entry in the Common Vulnerability Index under number CVE-2012-6080. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2012-6080

Description: Directory traversal vulnerability in the _do_attachment_move function in the AttachFile action (action/AttachFile.py) in MoinMoin 1.9.3 through 1.9.5 allows remote attackers to overwrite arbitrary files via a ..

Continue Reading …

CVE-2009-3096

This is an entry in the Common Vulnerability Index under number CVE-2009-3096. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2009-3096

Description: Multiple unspecified vulnerabilities in HP Performance Insight 5.3 allow remote attackers to have an unknown impact, related to (1) a “Remote exploit” on Windows platforms,

Continue Reading …

CVE-2016-6756

This is an entry in the Common Vulnerability Index under number CVE-2016-6756. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2016-6756

Description: An information disclosure vulnerability in Qualcomm components including the camera driver and video driver could enable a local malicious application to access data outside of its permission levels.

Continue Reading …

CVE-2014-9824

This is an entry in the Common Vulnerability Index under number CVE-2014-9824. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2014-9824

Description: Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825.

Status: Candidate

Note for CVEs with status “Candidate”: Candidates must be reviewed and accepted by the CVE Editorial Board before they can be added to the official CVE list.Continue Reading …

CVE-2017-7440

This is an entry in the Common Vulnerability Index under number CVE-2017-7440. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2017-7440

Description: Kerio Connect 8.0.0 through 9.2.2, and Kerio Connect Client desktop application for Windows and Mac 9.2.0 through 9.2.2, when e-mail preview is enabled, allows remote attackers to conduct clickjacking attacks via a crafted e-mail message.

Continue Reading …

CVE-2011-4248

This is an entry in the Common Vulnerability Index under number CVE-2011-4248. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2011-4248

Description: RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed AAC file.

Status: Candidate

Note for CVEs with status “Candidate”: Candidates must be reviewed and accepted by the CVE Editorial Board before they can be added to the official CVE list.Continue Reading …

CVE-2005-2662

This is an entry in the Common Vulnerability Index under number CVE-2005-2662. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2005-2662

Description: masqmail before 0.2.18 allows remote attackers to execute arbitrary commands via crafted e-mail addresses that are not properly sanitized when creating a failed delivery message.

Continue Reading …

CVE-2005-1381

This is an entry in the Common Vulnerability Index under number CVE-2005-1381. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2005-1381

Description: Multiple cross-site scripting (XSS) vulnerabilities in Oracle Webcache 9i allow remote attackers to inject arbitrary web script or HTML via the (1) cache_dump_file or (2) PartialPageErrorPage parameter.

Continue Reading …

CVE-2017-8387

This is an entry in the Common Vulnerability Index under number CVE-2017-8387. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2017-8387

Description: STDU Viewer version 1.6.375 might allow user-assisted attackers to execute code via a crafted file. One threat model is a victim who obtains an untrusted crafted file from a remote location and issues several user-defined commands including Ctrl-+ commands.

Continue Reading …

CVE-2011-3276

This is an entry in the Common Vulnerability Index under number CVE-2011-3276. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2011-3276

Description: Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload or hang) by sending crafted SIP packets to TCP port 5060,

Continue Reading …