CVE-2012-1415

This is an entry in the Common Vulnerability Index under number CVE-2012-1415. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2012-1415

Description: Cross-site request forgery (CSRF) vulnerability in lib/logout.php in DFLabs PTK 1.0.5 and earlier allows remote attackers to hijack the authentication of administrators or investigators for requests that trigger a logout.

Continue Reading …

CVE-2012-0702

This is an entry in the Common Vulnerability Index under number CVE-2012-0702. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2012-0702

Description: Information Services Framework (ISF) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 does not properly determine authorization, which allows remote authenticated users to gain privileges via unspecified vectors.

Continue Reading …

CVE-2012-3924

This is an entry in the Common Vulnerability Index under number CVE-2012-3924. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2012-3924

Description: The SSLVPN implementation in Cisco IOS 15.1 and 15.2, when DTLS is enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface,

Continue Reading …

CVE-2012-5548

This is an entry in the Common Vulnerability Index under number CVE-2012-5548. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2012-5548

Description: Cross-site scripting (XSS) vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Continue Reading …

CVE-2012-2414

This is an entry in the Common Vulnerability Index under number CVE-2012-2414. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2012-2414

Description: main/manager.c in the Manager Interface in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4 does not properly enforce System class authorization requirements,

Continue Reading …

CVE-2012-3123

This is an entry in the Common Vulnerability Index under number CVE-2012-3123. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2012-3123

Description: Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect confidentiality, related to Apache HTTP Server.

Status: Candidate

Note for CVEs with status “Candidate”: Candidates must be reviewed and accepted by the CVE Editorial Board before they can be added to the official CVE list.Continue Reading …

CVE-2012-0765

This is an entry in the Common Vulnerability Index under number CVE-2012-0765. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2012-0765

Description: Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp 8 and 9 for Word allow remote attackers to inject arbitrary web script or HTML via a crafted URL,

Continue Reading …

CVE-2012-1448

This is an entry in the Common Vulnerability Index under number CVE-2012-1448. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2012-1448

Description: The CAB file parser in Quick Heal (aka Cat QuickHeal) 11.00, Trend Micro AntiVirus 9.120.0.1004, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Trend Micro HouseCall 9.120.0.1004,

Continue Reading …

CVE-2012-1212

This is an entry in the Common Vulnerability Index under number CVE-2012-1212. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2012-1212

Description: Cross-site scripting (XSS) vulnerability in the smwfOnSfSetTargetName function in extensions/SMWHalo/includes/SMW_Initialize.php in Semantic Enterprise Wiki (SMW+) 1.5.6, 1.6.0_2 and earlier allows remote attackers to inject arbitrary web script or HTML via the target parameter to index.php/Special:FormEdit.

Continue Reading …