CVE List 2012

CVE Score Severity Package Description Published
CVE-2012-6704
7.8 MV Product/Version
affected:
CGX 2.0 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
Serious kernel The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option. December 28, 2016, 01:12 am
CVE-2012-6703
4.0 MV Product/Version
affected:
CGE 7.0 Resolved
MVL6 Kernel 2.6.28 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
kernel Integer overflow in the snd_compr_allocate_buffer function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.6-rc6-next-20120917 allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call. June 29, 2016, 09:06 am
CVE-2012-6702
5.9 MV Product/Version
affected:
CGX 2.2 In progress
CGX 2.0 Resolved
CGE 7.0 Resolved
CGX 1.8 Resolved
CGX 2.4 Resolved
Normal expat Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function. June 16, 2016, 13:06 pm
CVE-2012-6701
7.2 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 1.8 Resolved
CGX 2.0 Resolved
MVL6 Kernel 2.6.27 Resolved
kernel Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. May 2, 2016, 05:05 am
CVE-2012-6689
7.2 MV Product/Version
affected:
CGX 1.8 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
CGX 2.2 Resolved
kernel The netlink_sendmsg function in net/netlink/af_netlink.c in the Linux kernel before 3.5.5 does not validate the dst_pid field, which allows local users to have an unspecified impact by spoofing Netlink messages. May 2, 2016, 05:05 am
CVE-2012-6657
4.9 MV Product/Version
affected:
CGX 1.8 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal kernel The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial of service (system crash) by leveraging the ability to create a raw socket. September 28, 2014, 05:09 am
CVE-2012-6656
5.0 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 2.2 Resolved
CGX 2.4 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
MVL6 Toolchain 4.4 Resolved
Normal glibc iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of 0xffff to the iconv function when converting IBM930 encoded data to UTF-8. December 5, 2014, 10:12 am
CVE-2012-6647
4.9 MV Product/Version
affected:
CGX 2.0 Resolved
CGX 1.8 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal kernel The futex_wait_requeue_pi function in kernel/futex.c in the Linux kernel before 3.5.1 does not ensure that calls have two different futex addresses, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted FUTEX_WAIT_REQUEUE_PI command. May 26, 2014, 17:05 pm
CVE-2012-6638
7.8 MV Product/Version
affected:
CGE 7.0 Resolved
MVL6 Kernel 2.6.28 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
High kernel The tcp_rcv_state_process function in net/ipv4/tcp_input.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service (kernel resource consumption) via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663. February 15, 2014, 08:02 am
CVE-2012-6607
3.3 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 2.0 Resolved
Low augeas The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup save action, a different vector than CVE-2012-0786. November 23, 2013, 12:11 pm
CVE-2012-6549
1.9 MV Product/Version
affected:
MVL6 Kernel 2.6.27 Resolved
Low kernel The isofs_export_encode_fh function in fs/isofs/export.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application. March 15, 2013, 15:03 pm
CVE-2012-6548
1.9 MV Product/Version
affected:
CGX 2.0 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
Low kernel The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application. March 15, 2013, 15:03 pm
CVE-2012-6547
1.9 MV Product/Version
affected:
MVL6 Kernel 2.6.27 Resolved
Low kernel The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. March 15, 2013, 15:03 pm
CVE-2012-6546
1.9 MV Product/Version
affected:
Professional PRO 5.0 Resolved
Professional PRO 5.0 Resolved
Low kernel The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. March 15, 2013, 15:03 pm
CVE-2012-6545
1.9 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
Low kernel The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application. March 15, 2013, 15:03 pm
CVE-2012-6544
1.9 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 2.2 Resolved
CGX 1.8 Resolved
CGX 2.0 Resolved
CGX 2.0 Resolved
Low kernel The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation. March 15, 2013, 15:03 pm
CVE-2012-6543
1.9 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
Low kernel The l2tp_ip6_getname function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. March 15, 2013, 15:03 pm
CVE-2012-6542
1.9 MV Product/Version
affected:
CGX 2.0 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
Low kernel The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized pointer argument. March 15, 2013, 15:03 pm
CVE-2012-6541
1.9 MV Product/Version
affected:
CGX 2.0 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
Low kernel The ccid3_hc_tx_getsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. March 15, 2013, 15:03 pm
CVE-2012-6540
1.9 MV Product/Version
affected:
MVL6 Kernel 2.6.27 Resolved
Low kernel The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. March 15, 2013, 15:03 pm
CVE-2012-6539
1.9 MV Product/Version
affected:
MVL6 Kernel 2.6.27 Resolved
Low kernel The dev_ifconf function in net/socket.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. March 15, 2013, 15:03 pm
CVE-2012-6538
1.9 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
Low kernel The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability. March 15, 2013, 15:03 pm
CVE-2012-6537
1.9 MV Product/Version
affected:
MVL6 Kernel 2.6.27 Resolved
Low kernel net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability. March 15, 2013, 15:03 pm
CVE-2012-6536
2.1 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
Low kernel net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not verify that the actual Netlink message length is consistent with a certain header field, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability and providing a (1) new or (2) updated state. March 15, 2013, 15:03 pm
CVE-2012-6459
4.3 MV Product/Version
affected:
CGX 2.2 Resolved
CGE 7.0 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
Normal connman ConnMan 1.3 on Tizen continues to list the bluetooth service after offline mode has been enabled, which might allow remote attackers to obtain sensitive information via Bluetooth packets. January 1, 2013, 09:01 am
CVE-2012-6422
9.3 MV Product/Version
affected:
Critical mx The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions (0666) for /dev/exynos-mem, which allows attackers to read or write arbitrary physical memory and gain privileges via a crafted application, as demonstrated by ExynosAbuse. December 17, 2012, 18:12 pm
CVE-2012-6329
7.5 MV Product/Version
affected:
CGE 6.0 Resolved
High perl The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl before 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket notation, which allows context-dependent attackers to execute arbitrary commands via crafted input to an application that accepts translation strings from users, as demonstrated by the TWiki application before 5.1.3, and the Foswiki application 1.0.x through 1.0.10 and 1.1.x through 1.1.6. January 4, 2013, 15:01 pm
CVE-2012-6153
4.3 MV Product/Version
affected:
Normal commons-httpclient http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before 4.2.3 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field. NOTE: this issue exists because of an incomplete fix for CVE-2012-5783. September 4, 2014, 12:09 pm
CVE-2012-6151
4.3 MV Product/Version
affected:
CGE 7.0 Resolved
CGE 6.0 Resolved
Medium net-snmp Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout. December 13, 2013, 12:12 pm
CVE-2012-6150
3.6 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 2.2 Resolved
Low samba The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging an administrator's pam_winbind configuration-file mistake. December 3, 2013, 13:12 pm
CVE-2012-6139
5.0 MV Product/Version
affected:
CGE 6.0 Resolved
CGE 7.0 Resolved
Medium libxslt libxslt before 1.1.28 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an (1) empty match attribute in a XSL key to the xsltAddKey function in keys.c or (2) uninitialized variable to the xsltDocumentFunction function in functions.c. April 12, 2013, 17:04 pm
CVE-2012-6113
5.0 MV Product/Version
affected:
Normal php The openssl_encrypt function in ext/openssl/openssl.c in PHP 5.3.9 through 5.3.13 does not initialize a certain variable, which allows remote attackers to obtain sensitive information from process memory by providing zero bytes of input data. January 19, 2013, 15:01 pm
CVE-2012-6097
4.3 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal cronie File descriptor leak in cronie 1.4.8, when running in certain environments, might allow local users to read restricted files, as demonstrated by reading /etc/crontab. April 9, 2013, 15:04 pm
CVE-2012-6095
1.2 MV Product/Version
affected:
CGX 2.2 Resolved
CGE 7.0 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
Low proftpd ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the (1) MKD or (2) XMKD commands. January 24, 2013, 15:01 pm
CVE-2012-6093
4.3 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 2.0 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 2.0 Resolved
CGE 7.0 In progress
Normal qt The QSslSocket::sslErrors function in Qt before 4.6.5, 4.7.x before 4.7.6, 4.8.x before 4.8.5, when using certain versions of openSSL, uses an incompatible structure layout that can read memory from the wrong location, which causes Qt to report an incorrect error when certificate validation fails and might cause users to make unsafe security decisions to accept a certificate. February 24, 2013, 13:02 pm
CVE-2012-6088
4.3 MV Product/Version
affected:
CGX 2.4 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
CGE 7.0 Resolved
Normal rpm The rpmpkgRead function in lib/package.c in RPM 4.10.x before 4.10.2 does not return an error code in certain situations involving an unparseable signature, which allows remote attackers to bypass RPM signature checks via a crafted package. January 18, 2013, 05:01 am
CVE-2012-6085
5.8 MV Product/Version
affected:
Medium gnupg The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of an OpenPGP packet. January 23, 2013, 19:01 pm
CVE-2012-6075
9.3 MV Product/Version
affected:
CGX 2.4 Resolved
CGE 7.0 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
Critical qemu Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet. February 12, 2013, 19:02 pm
CVE-2012-6068
10.0 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
High codesys_runtime_system The Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x does not require authentication, which allows remote attackers to (1) execute commands via the command-line interface in the TCP listener service or (2) transfer files via requests to the TCP listener service. January 21, 2013, 15:01 pm
CVE-2012-6065
4.6 MV Product/Version
affected:
CGE 6.0 Resolved
CGE 5.1 Resolved
Medium om_maximenu The OM Maximenu module 6.x-1.43 and earlier for Drupal, when the "Title has PHP" option is enabled, allows remote authenticated users with the "Administer OM Maximenu" permission to execute arbitrary PHP code via a Link Title, a different vulnerability than CVE-2012-5553. December 3, 2012, 15:12 pm
CVE-2012-6062
5.0 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
Medium wireshark The dissect_rtcp_app function in epan/dissectors/packet-rtcp.c in the RTCP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. December 5, 2012, 05:12 am
CVE-2012-6061
5.0 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
Medium wireshark The dissect_wtp_common function in epan/dissectors/packet-wtp.c in the WTP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data type for a certain length field, which allows remote attackers to cause a denial of service (integer overflow and infinite loop) via a crafted value in a packet. December 5, 2012, 05:12 am
CVE-2012-6060
5.0 MV Product/Version
affected:
CGE 6.0 Resolved
CGE 5.1 Resolved
Medium wireshark Integer overflow in the dissect_iscsi_pdu function in epan/dissectors/packet-iscsi.c in the iSCSI dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. December 5, 2012, 05:12 am
CVE-2012-6059
5.0 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
Medium wireshark The dissect_isakmp function in epan/dissectors/packet-isakmp.c in the ISAKMP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data structure to determine IKEv2 decryption parameters, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. December 5, 2012, 05:12 am
CVE-2012-6058
5.0 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
Medium wireshark Integer overflow in the dissect_icmpv6 function in epan/dissectors/packet-icmpv6.c in the ICMPv6 dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted Number of Sources value. December 5, 2012, 05:12 am
CVE-2012-6057
5.0 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
Medium wireshark The dissect_eigrp_metric_comm function in epan/dissectors/packet-eigrp.c in the EIGRP dissector in Wireshark 1.8.x before 1.8.4 uses the wrong data type for a certain offset value, which allows remote attackers to cause a denial of service (integer overflow and infinite loop) via a malformed packet. December 5, 2012, 05:12 am
CVE-2012-6056
5.0 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
Medium wireshark Integer overflow in the dissect_sack_chunk function in epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted Duplicate TSN count. December 5, 2012, 05:12 am
CVE-2012-6055
5.0 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
Medium wireshark epan/dissectors/packet-3g-a11.c in the 3GPP2 A11 dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a zero value in a sub-type length field. December 5, 2012, 05:12 am
CVE-2012-6054
5.0 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
Medium wireshark The dissect_sflow_245_address_type function in epan/dissectors/packet-sflow.c in the sFlow dissector in Wireshark 1.8.x before 1.8.4 does not properly handle length calculations for an invalid IP address type, which allows remote attackers to cause a denial of service (infinite loop) via a packet that is neither IPv4 nor IPv6. December 5, 2012, 05:12 am
CVE-2012-6053
5.0 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
Medium wireshark epan/dissectors/packet-usb.c in the USB dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 relies on a length field to calculate an offset value, which allows remote attackers to cause a denial of service (infinite loop) via a zero value for this field. December 5, 2012, 05:12 am
CVE-2012-6052
5.0 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
Medium wireshark Wireshark 1.8.x before 1.8.4 allows remote attackers to obtain sensitive hostname information by reading pcap-ng files. December 5, 2012, 05:12 am
CVE-2012-5851
4.3 MV Product/Version
affected:
CGX 1.8 Resolved
Normal webkit html/parser/XSSAuditor.cpp in WebCore in WebKit, as used in Google Chrome through 22 and Safari 5.1.7, does not consider all possible output contexts of reflected data, which makes it easier for remote attackers to bypass a cross-site scripting (XSS) protection mechanism via a crafted string, aka rdar problem 12019108. November 15, 2012, 05:11 am
CVE-2012-5783
5.8 MV Product/Version
affected:
Normal commons-httpclient Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. November 4, 2012, 16:11 pm
CVE-2012-5689
7.1 MV Product/Version
affected:
CGE 7.0 Resolved
High bind ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record. January 25, 2013, 06:01 am
CVE-2012-5688
7.8 MV Product/Version
affected:
CGE 7.0 Resolved
High bind ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. December 6, 2012, 05:12 am
CVE-2012-5670
4.3 MV Product/Version
affected:
Medium freetype The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) via vectors related to BDF fonts and an ENCODING field with a negative value. January 24, 2013, 15:01 pm
CVE-2012-5669
4.3 MV Product/Version
affected:
Medium freetype The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read. January 24, 2013, 15:01 pm
CVE-2012-5668
4.3 MV Product/Version
affected:
Medium freetype FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to BDF fonts and the improper handling of an allocation error in the bdf_free_font function. January 24, 2013, 15:01 pm
CVE-2012-5667
4.4 MV Product/Version
affected:
CGE 6.0 Resolved
Medium grep Multiple integer overflows in GNU Grep before 2.11 might allow context-dependent attackers to execute arbitrary code via vectors involving a long input line that triggers a heap-based buffer overflow. January 3, 2013, 05:01 am
CVE-2012-5643
5.0 MV Product/Version
affected:
CGE 7.0 Resolved
CGE 6.0 Resolved
Medium squid Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service (memory consumption) via (1) invalid Content-Length headers, (2) long POST requests, or (3) crafted authentication credentials. December 20, 2012, 06:12 am
CVE-2012-5627
4.0 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
Normal mysql mariadb Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 do not modify the salt during multiple executions of the change_user command within the same connection, which makes it easier for remote authenticated users to conduct brute force password guessing attacks. October 1, 2013, 12:10 pm
CVE-2012-5624
4.3 MV Product/Version
affected:
CGX 2.0 Resolved
CGX 2.2 Resolved
CGE 7.0 In progress
CGX 2.0 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal qt The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle attackers to force the read of arbitrary local files and possibly obtain sensitive information via a file: URL to a QML application. February 24, 2013, 13:02 pm
CVE-2012-5615
5.0 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
Normal mysql mariadb Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames. December 3, 2012, 06:12 am
CVE-2012-5614
4.0 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 2.0 Resolved
CGX 2.2 Resolved
Normal mysql mariadb Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (mysqld crash) via a SELECT command with an UpdateXML command containing XML with a large number of unique, nested elements. December 3, 2012, 06:12 am
CVE-2012-5613
6.0 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 2.2 Resolved
CGX 2.0 In progress
Normal mysql mariadb ** DISPUTED ** MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue. December 3, 2012, 06:12 am
CVE-2012-5612
6.5 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 2.2 Resolved
CGX 2.0 In progress
Normal mysql mariadb Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands. December 3, 2012, 06:12 am
CVE-2012-5611
6.5 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 2.2 Resolved
CGX 2.0 In progress
Normal mysql mariadb Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command. December 3, 2012, 06:12 am
CVE-2012-5602
0 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6058. Reason: This candidate is a reservation duplicate of CVE-2012-6058. Notes: All CVE users should reference CVE-2012-6058 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. December 5, 2012, 05:12 am
CVE-2012-5601
0 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6055. Reason: This candidate is a reservation duplicate of CVE-2012-6055. Notes: All CVE users should reference CVE-2012-6055 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. December 5, 2012, 05:12 am
CVE-2012-5600
0 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6062. Reason: This candidate is a reservation duplicate of CVE-2012-6062. Notes: All CVE users should reference CVE-2012-6062 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. December 5, 2012, 05:12 am
CVE-2012-5599
0 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6061. Reason: This candidate is a reservation duplicate of CVE-2012-6061. Notes: All CVE users should reference CVE-2012-6061 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. December 5, 2012, 05:12 am
CVE-2012-5598
0 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6060. Reason: This candidate is a reservation duplicate of CVE-2012-6060. Notes: All CVE users should reference CVE-2012-6060 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. December 5, 2012, 05:12 am
CVE-2012-5597
0 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6059. Reason: This candidate is a reservation duplicate of CVE-2012-6059. Notes: All CVE users should reference CVE-2012-6059 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. December 5, 2012, 05:12 am
CVE-2012-5596
0 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6057. Reason: This candidate is a reservation duplicate of CVE-2012-6057. Notes: All CVE users should reference CVE-2012-6057 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. December 5, 2012, 05:12 am
CVE-2012-5595
0 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6056. Reason: This candidate is a reservation duplicate of CVE-2012-6056. Notes: All CVE users should reference CVE-2012-6056 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. December 5, 2012, 05:12 am
CVE-2012-5594
0 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6054. Reason: This candidate is a reservation duplicate of CVE-2012-6054. Notes: All CVE users should reference CVE-2012-6054 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. December 5, 2012, 05:12 am
CVE-2012-5593
0 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6053. Reason: This candidate is a reservation duplicate of CVE-2012-6053. Notes: All CVE users should reference CVE-2012-6053 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. December 5, 2012, 05:12 am
CVE-2012-5592
0 MV Product/Version
affected:
CGE 6.0 Resolved
CGE 5.1 Resolved
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6052. Reason: This candidate is a reservation duplicate of CVE-2012-6052. Notes: All CVE users should reference CVE-2012-6052 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. December 5, 2012, 05:12 am
CVE-2012-5580
7.5 MV Product/Version
affected:
CGX 2.4 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
Serious libproxy Format string vulnerability in the print_proxies function in bin/proxy.c in libproxy 0.3.1 might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a proxy name, as demonstrated using the http_proxy environment variable or a PAC file. October 27, 2014, 17:10 pm
CVE-2012-5533
5.0 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal lighttpd The http_request_split_value function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service (infinite loop) via a request with a header containing an empty token, as demonstrated using the Connection: TE,,Keep-Alive header. November 24, 2012, 14:11 pm
CVE-2012-5532
4.9 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 1.8 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 2.0 Resolved
Normal kernel The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.8-rc1, allows local users to cause a denial of service (daemon exit) via a crafted application that sends a Netlink message. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-2669. December 27, 2012, 05:12 am
CVE-2012-5526
5.0 MV Product/Version
affected:
Medium cgi.pm CGI.pm module before 3.63 for Perl does not properly escape newlines in (1) Set-Cookie or (2) P3P headers, which might allow remote attackers to inject arbitrary headers into responses from applications that use CGI.pm. November 21, 2012, 17:11 pm
CVE-2012-5519
7.2 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 1.8 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
Serious cups CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface. November 19, 2012, 18:11 pm
CVE-2012-5517
4.0 MV Product/Version
affected:
Professional PRO 5.0 Resolved
Consumer Mobilinux 5.0.24 Resolved
Professional PRO 5.0.24 Resolved
Professional PRO 5.0 Resolved
Medium kernel The online_pages function in mm/memory_hotplug.c in the Linux kernel before 3.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact in opportunistic circumstances by using memory that was hot-added by an administrator. December 21, 2012, 05:12 am
CVE-2012-5469
7.5 MV Product/Version
affected:
Serious phpmyadmin The Portable phpMyAdmin plugin before 1.3.1 for WordPress allows remote attackers to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod. December 20, 2012, 06:12 am
CVE-2012-5383
6.2 MV Product/Version
affected:
Normal mysql ** DISPUTED ** Untrusted search path vulnerability in the installation functionality in Oracle MySQL 5.5.28, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\MySQL\MySQL Server 5.5\bin directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the IKE and AuthIP IPsec Keying Modules system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the MySQL installation. October 11, 2012, 05:10 am
CVE-2012-5381
6.0 MV Product/Version
affected:
Normal php ** DISPUTED ** Untrusted search path vulnerability in the installation functionality in PHP 5.3.17, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\PHP directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the IKE and AuthIP IPsec Keying Modules system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the PHP installation. October 11, 2012, 05:10 am
CVE-2012-5380
6.0 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal ruby ** DISPUTED ** Untrusted search path vulnerability in the installation functionality in Ruby 1.9.3-p194, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\Ruby193\bin directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the IKE and AuthIP IPsec Keying Modules system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the Ruby installation. October 11, 2012, 05:10 am
CVE-2012-5375
4.0 MV Product/Version
affected:
CGE 6.0 Resolved
Medium kernel The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service (prevention of file creation) by leveraging the ability to write to a directory important to the victim, and creating a file with a crafted name that is associated with a specific CRC32C hash value. February 18, 2013, 05:02 am
CVE-2012-5374
4.0 MV Product/Version
affected:
CGE 6.0 Resolved
Medium kernel The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service (extended runtime of kernel code) by creating many different files whose names are associated with the same CRC32C hash value. February 18, 2013, 05:02 am
CVE-2012-5373
5.0 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal openjdk Oracle Java SE 7 and earlier, and OpenJDK 7 and earlier, computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as demonstrated by a universal multicollision attack against the MurmurHash3 algorithm, a different vulnerability than CVE-2012-2739. November 28, 2012, 07:11 am
CVE-2012-5371
5.0 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal ruby Ruby (aka CRuby) 1.9 before 1.9.3-p327 and 2.0 before r37575 computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as demonstrated by a universal multicollision attack against a variant of the MurmurHash2 algorithm, a different vulnerability than CVE-2011-4815. November 28, 2012, 07:11 am
CVE-2012-5368
4.3 MV Product/Version
affected:
Normal phpmyadmin phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained through an HTTP session to phpmyadmin.net without SSL, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by modifying this code. October 25, 2012, 05:10 am
CVE-2012-5339
3.5 MV Product/Version
affected:
Low phpmyadmin Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted name of (1) an event, (2) a procedure, or (3) a trigger. October 25, 2012, 05:10 am
CVE-2012-5240
5.8 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
Normal wireshark Buffer overflow in the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malformed packet. October 4, 2012, 14:10 pm
CVE-2012-5238
3.3 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
Low wireshark epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of (1) PPP and (2) LCP data, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a malformed packet. October 4, 2012, 14:10 pm
CVE-2012-5237
3.3 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
Low wireshark The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. October 4, 2012, 14:10 pm
CVE-2012-5195
7.5 MV Product/Version
affected:
CGX 2.4 Resolved
CGX 1.8 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Serious perl Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service (memory consumption and crash) or possibly execute arbitrary code via the x string repeat operator. December 17, 2012, 18:12 pm
CVE-2012-5166
7.8 MV Product/Version
affected:
High bind ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records. October 10, 2012, 16:10 pm
CVE-2012-5159
7.5 MV Product/Version
affected:
Serious phpmyadmin phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote attackers to execute arbitrary PHP code via an eval injection attack. September 25, 2012, 17:09 pm
CVE-2012-5134
6.8 MV Product/Version
affected:
CGE 7.0 Resolved
CGE 6.0 Resolved
Medium chrome Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document. November 27, 2012, 19:11 pm
CVE-2012-5096
3.5 MV Product/Version
affected:
Low mysql Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users with Server Privileges to affect availability via unknown vectors. January 16, 2013, 19:01 pm
CVE-2012-5060
6.8 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability, related to GIS Extension. January 16, 2013, 19:01 pm
CVE-2012-4930
2.6 MV Product/Version
affected:
Professional PRO 5.0 Resolved
Low chrome The SPDY protocol 3 and earlier, as used in Mozilla Firefox, Google Chrome, and other products, can perform TLS encryption of compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a CRIME attack. September 15, 2012, 13:09 pm
CVE-2012-4929
2.6 MV Product/Version
affected:
Professional PRO 5.0 Resolved
Low chrome The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a CRIME attack. September 15, 2012, 13:09 pm
CVE-2012-4579
3.5 MV Product/Version
affected:
Low phpmyadmin Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.2.2 allow remote authenticated users to inject arbitrary web script or HTML via a Table Operations (1) TRUNCATE or (2) DROP link for a crafted table name, (3) the Add Trigger popup within a Triggers page that references crafted table names, (4) an invalid trigger-creation attempt for a crafted table name, (5) crafted data in a table, or (6) a crafted tooltip label name during GIS data visualization, a different issue than CVE-2012-4345. August 21, 2012, 18:08 pm
CVE-2012-4565
4.7 MV Product/Version
affected:
Consumer Mobilinux 5.0.24 Resolved
Professional PRO 5.0.24 Resolved
MVL6 Kernel 2.6.27 Resolved
Medium kernel The tcp_illinois_info function in net/ipv4/tcp_illinois.c in the Linux kernel before 3.4.19, when the net.ipv4.tcp_congestion_control illinois setting is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) by reading TCP stats. December 21, 2012, 05:12 am
CVE-2012-4564
6.8 MV Product/Version
affected:
CGX 2.0 Resolved
CGE 7.0 Resolved
Medium tiff ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow. November 11, 2012, 07:11 am
CVE-2012-4542
4.6 MV Product/Version
affected:
Medium kernel block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SG_IO ioctl call that leverages overlapping opcodes. February 28, 2013, 13:02 pm
CVE-2012-4530
2.1 MV Product/Version
affected:
MVL6 Kernel 2.6.29 Resolved
CGE 6.0 Resolved
Low kernel The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. February 17, 2013, 22:02 pm
CVE-2012-4522
5.0 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal ruby The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path. November 24, 2012, 14:11 pm
CVE-2012-4508
1.9 MV Product/Version
affected:
MVL6 Kernel 2.6.32 Resolved
Low kernel Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized. December 21, 2012, 05:12 am
CVE-2012-4505
10.0 MV Product/Version
affected:
CGX 2.4 Resolved
CGE 7.0 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
Critical libproxy Heap-based buffer overflow in the px_pac_reload function in lib/pac.c in libproxy 0.2.x and 0.3.x allows remote servers to have an unspecified impact via a crafted Content-Length size in an HTTP response header for a proxy.pac file request, a different vulnerability than CVE-2012-4504. November 11, 2012, 07:11 am
CVE-2012-4504
10.0 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 2.0 Resolved
CGX 2.4 Resolved
CGX 2.2 Resolved
CGX 1.8 Resolved
Critical libproxy Stack-based buffer overflow in the url::get_pac function in url.cpp in libproxy 0.4.x before 0.4.9 allows remote servers to have an unspecified impact via a large proxy.pac file. November 11, 2012, 07:11 am
CVE-2012-4483
5.0 MV Product/Version
affected:
Normal commons The commons_discussion_views_default_views function in modules/features/commons_discussion/commons_discussion.views_default.inc in the Drupal Commons module 6.x-2.x before 6.x-2.8 for Drupal does not properly enforce intended node access restrictions, which might allow remote attackers to obtain sensitive information via the recent comments listing. October 31, 2012, 11:10 am
CVE-2012-4481
4.3 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal ruby The safe-level feature in Ruby 1.8.7 allows context-dependent attackers to modify strings via the NameError#to_s method when operating on Ruby objects. NOTE: this issue is due to an incomplete fix for CVE-2011-1005. May 2, 2013, 09:05 am
CVE-2012-4467
6.6 MV Product/Version
affected:
CGX 1.8 Resolved
CGE 7.0 Resolved
CGX 2.0 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
Normal kernel The (1) do_siocgstamp and (2) do_siocgstampns functions in net/socket.c in the Linux kernel before 3.5.4 use an incorrect argument order, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (system crash) via a crafted ioctl call. October 10, 2012, 16:10 pm
CVE-2012-4466
5.0 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal ruby Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the string as tainted, a different vulnerability than CVE-2011-1005. April 25, 2013, 18:04 pm
CVE-2012-4464
5.0 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal ruby Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the (1) exc_to_s or (2) name_err_to_s API function, which marks the string as tainted, a different vulnerability than CVE-2012-4466. NOTE: this issue might exist because of a CVE-2011-1005 regression. April 25, 2013, 18:04 pm
CVE-2012-4461
1.9 MV Product/Version
affected:
CGE 6.0 Resolved
Low kernel The KVM subsystem in the Linux kernel before 3.6.9, when running on hosts that use qemu userspace without XSAVE, allows local users to cause a denial of service (kernel OOPS) by using the KVM_SET_SREGS ioctl to set the X86_CR4_OSXSAVE bit in the guest cr4 register, then calling the KVM_RUN ioctl. January 22, 2013, 17:01 pm
CVE-2012-4452
2.1 MV Product/Version
affected:
Low mysql MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of a CVE-2009-4030 regression, which was not omitted in other packages and versions such as MySQL 5.0.95 in Red Hat Enterprise Linux 6. October 9, 2012, 18:10 pm
CVE-2012-4444
5.0 MV Product/Version
affected:
Professional PRO 5.0.24 Resolved
CGE 6.0 Resolved
MVL6 Kernel 2.6.27 Resolved
Professional PRO 5.0 Resolved
Consumer Mobilinux 5.0.24 Resolved
Professional PRO 5.0 Resolved
Medium kernel The ip6_frag_queue function in net/ipv6/reassembly.c in the Linux kernel before 2.6.36 allows remote attackers to bypass intended network restrictions via overlapping IPv6 fragments. December 21, 2012, 05:12 am
CVE-2012-4424
5.1 MV Product/Version
affected:
MVL6 Toolchain 4.4 Resolved
MVL6 Toolchain 4.3 Resolved
Medium glibc Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string that triggers a malloc failure and use of the alloca function. October 9, 2013, 17:10 pm
CVE-2012-4423
5.0 MV Product/Version
affected:
CGE 6.0 Resolved
Medium libvirt The virNetServerProgramDispatchCall function in libvirt before 0.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and segmentation fault) via an RPC call with (1) an event as the RPC number or (2) an RPC number whose value is in a gap in the RPC dispatch table. November 19, 2012, 06:11 am
CVE-2012-4414
6.5 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 2.2 Resolved
CGX 2.0 In progress
Normal mysql mariadb Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete. January 22, 2013, 17:01 pm
CVE-2012-4412
7.5 MV Product/Version
affected:
CGE 7.0 Resolved
MVL6 Toolchain 4.3 Resolved
CGE 7.0 Resolved
MVL6 Toolchain 4.4 Resolved
High glibc Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overflow. October 9, 2013, 17:10 pm
CVE-2012-4411
4.6 MV Product/Version
affected:
CGE 6.0 Resolved
Medium xen The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest administrators to obtain sensitive host resource information via the qemu monitor. NOTE: this might be a duplicate of CVE-2007-0998. November 23, 2012, 14:11 pm
CVE-2012-4405
6.8 MV Product/Version
affected:
CGE 7.0 In progress
CGX 2.2 Resolved
CGX 2.0 Resolved
Normal ghostscript Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) PostScript or (2) PDF file with embedded images, which triggers a heap-based buffer overflow. NOTE: this issue is also described as an array index error. September 18, 2012, 12:09 pm
CVE-2012-4398
4.9 MV Product/Version
affected:
Professional PRO 5.0 Resolved
MVL6 Kernel 2.6.27 Resolved
Professional PRO 5.0.24 Resolved
Consumer Mobilinux 5.0.24 Resolved
CGE 6.0 Resolved
Professional PRO 5.0 Resolved
Medium kernel The __request_module function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain killable attribute, which allows local users to cause a denial of service (memory consumption) via a crafted application. February 17, 2013, 22:02 pm
CVE-2012-4388
4.3 MV Product/Version
affected:
CGE 6.0 Resolved
Medium php The sapi_header_op function in main/SAPI.c in PHP 5.4.0RC2 through 5.4.0 does not properly determine a pointer during checks for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1398. September 7, 2012, 17:09 pm
CVE-2012-4345
3.5 MV Product/Version
affected:
Low phpmyadmin Multiple cross-site scripting (XSS) vulnerabilities in the Database Structure page in phpMyAdmin 3.4.x before 3.4.11.1 and 3.5.x before 3.5.2.2 allow remote authenticated users to inject arbitrary web script or HTML via (1) a crafted table name during table creation, or a (2) Empty link or (3) Drop link for a crafted table name. August 21, 2012, 18:08 pm
CVE-2012-4298
5.4 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
Normal wireshark Integer signedness error in the vwr_read_rec_data_ethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to execute arbitrary code via a crafted packet-trace file that triggers a buffer overflow. August 16, 2012, 05:08 am
CVE-2012-4297
8.3 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
Serious wireshark Buffer overflow in the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector in Wireshark 1.6.x before 1.6.10 and 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a malformed packet. August 16, 2012, 05:08 am
CVE-2012-4296
3.3 MV Product/Version
affected:
CGE 6.0 Resolved
CGE 6.0 Resolved
Low wireshark Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet. August 16, 2012, 05:08 am
CVE-2012-4295
3.3 MV Product/Version
affected:
CGX 1.8 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Low wireshark Array index error in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 might allow remote attackers to cause a denial of service (application crash) via a crafted speed (aka rate) value. August 16, 2012, 05:08 am
CVE-2012-4294
5.8 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 1.8 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
Normal wireshark Buffer overflow in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a large speed (aka rate) value. August 16, 2012, 05:08 am
CVE-2012-4293
3.3 MV Product/Version
affected:
CGE 6.0 Resolved
CGE 6.0 Resolved
Low wireshark plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which allows remote attackers to cause a denial of service (application exit) via a malformed packet. August 16, 2012, 05:08 am
CVE-2012-4292
3.3 MV Product/Version
affected:
CGE 6.0 Resolved
CGE 6.0 Resolved
Low wireshark The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. August 16, 2012, 05:08 am
CVE-2012-4291
3.3 MV Product/Version
affected:
CGE 6.0 Resolved
CGE 6.0 Resolved
Low wireshark The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet. August 16, 2012, 05:08 am
CVE-2012-4290
3.3 MV Product/Version
affected:
CGE 6.0 Resolved
CGE 6.0 Resolved
Low wireshark The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a malformed packet. August 16, 2012, 05:08 am
CVE-2012-4289
3.3 MV Product/Version
affected:
CGE 6.0 Resolved
Low wireshark epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a large number of ACL entries. August 16, 2012, 05:08 am
CVE-2012-4288
3.3 MV Product/Version
affected:
CGE 6.0 Resolved
CGE 6.0 Resolved
Low wireshark Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop or application crash) via a large value for a span length. August 16, 2012, 05:08 am
CVE-2012-4287
5.0 MV Product/Version
affected:
CGX 1.8 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal wireshark epan/dissectors/packet-mongo.c in the MongoDB dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a small value for a BSON document length. August 16, 2012, 05:08 am
CVE-2012-4286
4.3 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
Normal wireshark The pcapng_read_packet_block function in wiretap/pcapng.c in the pcap-ng file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted pcap-ng file. August 16, 2012, 05:08 am
CVE-2012-4285
3.3 MV Product/Version
affected:
CGE 6.0 Resolved
Low wireshark The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a zero-length message. August 16, 2012, 05:08 am
CVE-2012-4244
7.8 MV Product/Version
affected:
High bind ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record. September 14, 2012, 05:09 am
CVE-2012-4219
5.0 MV Product/Version
affected:
Normal phpmyadmin show_config_errors.php in phpMyAdmin 3.5.x before 3.5.2.1 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message, related to lack of inclusion of the common.inc.php library file. August 21, 2012, 14:08 pm
CVE-2012-4049
2.9 MV Product/Version
affected:
CGE 6.0 Resolved
Low wireshark epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet. July 24, 2012, 14:07 pm
CVE-2012-4048
3.3 MV Product/Version
affected:
CGE 6.0 Resolved
CGE 6.0 Resolved
CGE 5.1 Resolved
Low wireshark The PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via a crafted packet, as demonstrated by a usbmon dump. July 24, 2012, 14:07 pm
CVE-2012-4025
6.8 MV Product/Version
affected:
CGE 6.0 Resolved
Medium squashfs Integer overflow in the queue_init function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted block_log field in the superblock of a .sqsh file, leading to a heap-based buffer overflow. July 19, 2012, 14:07 pm
CVE-2012-4024
6.8 MV Product/Version
affected:
CGE 6.0 Resolved
Medium squashfs Stack-based buffer overflow in the get_component function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted list file (aka a crafted file for the -ef option). NOTE: probably in most cases, the list file is a trusted file constructed by the program's user; however, there are some realistic situations in which a list file would be obtained from an untrusted remote source. July 19, 2012, 14:07 pm
CVE-2012-3955
7.1 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
CGX 1.8 Resolved
Serious dhcp ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced. September 14, 2012, 05:09 am
CVE-2012-3954
3.3 MV Product/Version
affected:
CGE 6.0 Resolved
Low dhcp Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests. July 25, 2012, 05:07 am
CVE-2012-3868
4.3 MV Product/Version
affected:
CGE 7.0 Resolved
Medium bind Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries. July 25, 2012, 05:07 am
CVE-2012-3826
3.3 MV Product/Version
affected:
CGX 2.0 Resolved
CGE 7.0 Resolved
CGX 2.2 Resolved
CGX 1.8 Resolved
Low wireshark Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (loop) via vectors related to the R3 dissector, a different vulnerability than CVE-2012-2392. June 30, 2012, 05:06 am
CVE-2012-3825
3.3 MV Product/Version
affected:
CGX 2.0 Resolved
CGX 1.8 Resolved
CGX 2.2 Resolved
CGE 7.0 Resolved
Low wireshark Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) BACapp and (2) Bluetooth HCI dissectors, a different vulnerability than CVE-2012-2392. June 30, 2012, 05:06 am
CVE-2012-3817
7.8 MV Product/Version
affected:
High bind ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) by sending many queries. July 25, 2012, 05:07 am
CVE-2012-3587
2.6 MV Product/Version
affected:
Low apt APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import keyrings, relies on GnuPG argument order and does not check GPG subkeys, which might allow remote attackers to install Trojan horse packages via a man-in-the-middle (MITM) attack. June 19, 2012, 15:06 pm
CVE-2012-3571
6.1 MV Product/Version
affected:
CGE 6.0 Resolved
Medium dhcp ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier. July 25, 2012, 05:07 am
CVE-2012-3570
5.7 MV Product/Version
affected:
CGE 6.0 Resolved
Medium dhcp Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service (segmentation fault and daemon exit) via a crafted client identifier parameter. July 25, 2012, 05:07 am
CVE-2012-3552
5.4 MV Product/Version
affected:
Professional PRO 5.0 Resolved
Professional PRO 5.0 Resolved
Consumer Mobilinux 5.0.24 Resolved
Professional PRO 5.0.24 Resolved
Medium kernel Race condition in the IP implementation in the Linux kernel before 3.0 might allow remote attackers to cause a denial of service (slab corruption and system crash) by sending packets to an application that sets socket options during the handling of network traffic. October 3, 2012, 06:10 am
CVE-2012-3548
4.3 MV Product/Version
affected:
CGE 6.0 Resolved
CGE 5.1 Resolved
Medium wireshark The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a small value for a certain length field in a capture file. August 30, 2012, 17:08 pm
CVE-2012-3524
6.9 MV Product/Version
affected:
CGE 6.0 Resolved
Medium libdbus libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: libdbus maintainers state that this is a vulnerability in the applications that do not cleanse environment variables, not in libdbus itself: "we do not support use of libdbus in setuid binaries that do not sanitize their environment before their first call into libdbus." September 18, 2012, 12:09 pm
CVE-2012-3520
1.9 MV Product/Version
affected:
CGX 2.0 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
Low kernel The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCM_CREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to (1) Avahi or (2) NetworkManager. October 3, 2012, 06:10 am
CVE-2012-3515
7.2 MV Product/Version
affected:
CGE 6.0 Resolved
High qemu Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a device model's address space. November 23, 2012, 14:11 pm
CVE-2012-3511
6.2 MV Product/Version
affected:
MVL6 Kernel 2.6.27 Resolved
Professional PRO 5.0.24 Resolved
Consumer Mobilinux 5.0.24 Resolved
Medium kernel Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2) close system call. October 3, 2012, 22:10 pm
CVE-2012-3510
5.6 MV Product/Version
affected:
CGX 1.8 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal kernel Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service (system crash) via a taskstats TASKSTATS_CMD_ATTR_PID command. October 3, 2012, 06:10 am
CVE-2012-3509
5.0 MV Product/Version
affected:
MVL6 Toolchain 4.4 Resolved
MVL6 Toolchain 4.3 Resolved
Medium binutils Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service (crash) via vectors related to the addition of CHUNK_HEADER_SIZE to the length, which triggers a heap-based buffer overflow. September 5, 2012, 18:09 pm
CVE-2012-3489
4.0 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal postgresql The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file or URL content that triggers a parsing error, via an XML value that refers to (1) a DTD or (2) an entity, related to an XML External Entity (aka XXE) issue. October 3, 2012, 16:10 pm
CVE-2012-3488
4.9 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal postgresql The libxslt support in contrib/xml2 in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 does not properly restrict access to files and URLs, which allows remote authenticated users to modify data, obtain sensitive information, or trigger outbound traffic to arbitrary external hosts by leveraging (1) stylesheet commands that are permitted by the libxslt security options or (2) an xslt_process feature, related to an XML External Entity (aka XXE) issue. October 3, 2012, 16:10 pm
CVE-2012-3480
4.6 MV Product/Version
affected:
MVL6 Toolchain 4.4 Resolved
Medium glibc Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified related functions in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow. August 25, 2012, 05:08 am
CVE-2012-3466
4.4 MV Product/Version
affected:
Normal gnome-keyring GNOME gnome-keyring 3.4.0 through 3.4.1, when gpg-cache-method is set to idle or timeout, does not properly limit the amount of time a passphrase is cached, which allows attackers to have an unspecified impact via unknown attack vectors. October 22, 2012, 18:10 pm
CVE-2012-3450
2.6 MV Product/Version
affected:
CGE 6.0 Resolved
Low php pdo_sql_parser.re in the PDO extension in PHP before 5.3.14 and 5.4.x before 5.4.4 does not properly determine the end of the query string during parsing of prepared statements, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted parameter value. August 6, 2012, 11:08 am
CVE-2012-3449
3.6 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
Low openvswitch Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/pki/controllerca/incoming/ and (2) /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and overwrite arbitrary files. August 7, 2012, 15:08 pm
CVE-2012-3445
3.5 MV Product/Version
affected:
CGE 6.0 Resolved
Low libvirt The virTypedParameterArrayClear function in libvirt 0.9.13 does not properly handle virDomain* API calls with typed parameters, which might allow remote authenticated users to cause a denial of service (libvirtd crash) via an RPC command with nparams set to zero, which triggers an out-of-bounds read or a free of an invalid pointer. August 7, 2012, 16:08 pm
CVE-2012-3440
5.6 MV Product/Version
affected:
CGX 2.4 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
CGX 1.8 Resolved
Normal sudo A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file. August 8, 2012, 05:08 am
CVE-2012-3430
2.1 MV Product/Version
affected:
MVL6 Kernel 2.6.30 Resolved
Low kernel The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket. October 3, 2012, 06:10 am
CVE-2012-3425
4.3 MV Product/Version
affected:
CGE 6.0 Resolved
Medium libpng The png_push_read_zTXt function in pngpread.c in libpng 1.0.x before 1.0.58, 1.2.x before 1.2.48, 1.4.x before 1.4.10, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large avail_in field value in a PNG image. August 13, 2012, 15:08 pm
CVE-2012-3417
4.0 MV Product/Version
affected:
Medium kernel The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota (aka quota) before 3.17 invokes the hosts_ctl function the first time without a host name, which might allow remote attackers to bypass TCP Wrappers rules in hosts.deny. August 13, 2012, 15:08 pm
CVE-2012-3412
7.8 MV Product/Version
affected:
CGE 6.0 Resolved
MVL6 Kernel 2.6.27 Resolved
High kernel The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value. October 3, 2012, 06:10 am
CVE-2012-3411
5.0 MV Product/Version
affected:
Medium dnsmasq Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed DNS query. March 5, 2013, 15:03 pm
CVE-2012-3410
4.6 MV Product/Version
affected:
CGE 6.0 Resolved
CGE 7.0 Resolved
Medium bash Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix. August 27, 2012, 18:08 pm
CVE-2012-3406
6.8 MV Product/Version
affected:
MVL6 Toolchain 4.4 Resolved
MVL6 Toolchain 4.3 Resolved
CGE 7.0 Resolved
Medium glibc The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not properly restrict the use of the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405. February 10, 2014, 12:02 pm
CVE-2012-3405
5.0 MV Product/Version
affected:
MVL6 Toolchain 4.3 Resolved
MVL6 Toolchain 4.4 Resolved
CGE 7.0 Resolved
Medium glibc The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (segmentation fault and crash) via a format string with a large number of format specifiers that triggers desynchronization within the buffer size handling, a different vulnerability than CVE-2012-3404. February 10, 2014, 12:02 pm
CVE-2012-3404
5.0 MV Product/Version
affected:
MVL6 Toolchain 4.4 Resolved
CGE 7.0 Resolved
MVL6 Toolchain 4.3 Resolved
Medium glibc The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (stack corruption and crash) via a format string that uses positional parameters and many format specifiers. February 10, 2014, 12:02 pm
CVE-2012-3401
6.8 MV Product/Version
affected:
CGE 6.0 Resolved
Medium tiff The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow. August 13, 2012, 15:08 pm
CVE-2012-3400
7.6 MV Product/Version
affected:
Professional PRO 5.0 Resolved
Professional PRO 5.0 Resolved
MVL6 Kernel 2.6.27 Resolved
High kernel Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel before 3.4.5 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesystem. October 3, 2012, 06:10 am
CVE-2012-3386
4.4 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 1.8 Resolved
CGX 2.4 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
Normal automake The make distcheck rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors. August 7, 2012, 16:08 pm
CVE-2012-3378
3.3 MV Product/Version
affected:
CGX 2.4 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
Low at-spi2-atk The register_application function in atk-adaptor/bridge.c in GNOME at-spi2-atk 2.5.2 does not seed the random number generator and generates predictable temporary file names, which makes it easier for local users to create or truncate files via a symlink attack on a temporary socket file in /tmp/at-spi2. August 31, 2012, 13:08 pm
CVE-2012-3375
4.9 MV Product/Version
affected:
CGE 6.0 Resolved
MVL6 Kernel 2.6.27 Resolved
Professional PRO 5.0 Resolved
Professional PRO 5.0 Resolved
Medium kernel The epoll_ctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLL_CTL_ADD operations, which allows local users to cause a denial of service (file-descriptor consumption and system crash) via a crafted application that attempts to create a circular epoll dependency. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1083. October 3, 2012, 06:10 am
CVE-2012-3365
5.0 MV Product/Version
affected:
Normal php The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors. July 20, 2012, 05:07 am
CVE-2012-3364
5.0 MV Product/Version
affected:
CGX 2.0 Resolved
CGX 2.0 Resolved
CGX 2.2 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
Normal kernel Multiple stack-based buffer overflows in the Near Field Communication Controller Interface (NCI) in the Linux kernel before 3.4.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via incoming frames with crafted length fields. January 22, 2013, 17:01 pm
CVE-2012-3197
3.5 MV Product/Version
affected:
Low mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Replication. October 16, 2012, 19:10 pm
CVE-2012-3180
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. October 16, 2012, 19:10 pm
CVE-2012-3177
6.8 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server. October 16, 2012, 19:10 pm
CVE-2012-3173
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin. October 16, 2012, 19:10 pm
CVE-2012-3167
3.5 MV Product/Version
affected:
Low mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search. October 16, 2012, 19:10 pm
CVE-2012-3166
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB. October 16, 2012, 19:10 pm
CVE-2012-3163
9.0 MV Product/Version
affected:
CGE 7.0 Resolved
Critical mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema. October 16, 2012, 19:10 pm
CVE-2012-3160
2.1 MV Product/Version
affected:
Low mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality via unknown vectors related to Server Installation. October 16, 2012, 18:10 pm
CVE-2012-3158
7.5 MV Product/Version
affected:
Serious mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol. October 16, 2012, 18:10 pm
CVE-2012-3156
3.5 MV Product/Version
affected:
Low mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server. October 16, 2012, 18:10 pm
CVE-2012-3150
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. October 16, 2012, 18:10 pm
CVE-2012-3149
3.5 MV Product/Version
affected:
Low mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect confidentiality, related to MySQL Client. October 16, 2012, 18:10 pm
CVE-2012-3147
6.4 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability, related to MySQL Client. October 16, 2012, 18:10 pm
CVE-2012-3144
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server. October 16, 2012, 18:10 pm
CVE-2012-2871
6.8 MV Product/Version
affected:
CGE 6.0 Resolved
Medium chrome libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h. August 31, 2012, 14:08 pm
CVE-2012-2870
4.3 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
Normal libxslt libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c. August 31, 2012, 14:08 pm
CVE-2012-2845
6.4 MV Product/Version
affected:
Medium exif Integer overflow in the jpeg_data_load_data function in jpeg-data.c in libjpeg in exif 0.6.20 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain potentially sensitive information via a crafted JPEG file. July 13, 2012, 05:07 am
CVE-2012-2841
7.5 MV Product/Version
affected:
High libexif Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, leading to a heap-based buffer overflow. July 13, 2012, 05:07 am
CVE-2012-2840
7.5 MV Product/Version
affected:
High libexif Off-by-one error in the exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image. July 13, 2012, 05:07 am
CVE-2012-2837
5.0 MV Product/Version
affected:
Medium libexif The mnote_olympus_entry_get_value function in olympus/mnote-olympus-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (divide-by-zero error) via an image with crafted EXIF tags that are not properly handled during the formatting of EXIF maker note tags. July 13, 2012, 05:07 am
CVE-2012-2836
6.4 MV Product/Version
affected:
Medium libexif The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image. July 13, 2012, 05:07 am
CVE-2012-2825
5.0 MV Product/Version
affected:
Medium chrome The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors. June 27, 2012, 05:06 am
CVE-2012-2814
7.5 MV Product/Version
affected:
High libexif Buffer overflow in the exif_entry_format_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image. July 13, 2012, 05:07 am
CVE-2012-2813
6.4 MV Product/Version
affected:
Medium libexif The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image. July 13, 2012, 05:07 am
CVE-2012-2812
6.4 MV Product/Version
affected:
Medium libexif The exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image. July 13, 2012, 05:07 am
CVE-2012-2807
6.8 MV Product/Version
affected:
CGE 6.0 Resolved
Medium chrome Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. June 27, 2012, 05:06 am
CVE-2012-2750
10.0 MV Product/Version
affected:
CGE 7.0 Resolved
Critical mysql Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown impact and attack vectors related to a Security Fix, aka Bug #59533. NOTE: this might be a duplicate of CVE-2012-1689, but as of 20120816, Oracle has not commented on this possibility. August 16, 2012, 19:08 pm
CVE-2012-2749
4.0 MV Product/Version
affected:
Normal mysql MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service (mysqld crash) via vectors related to incorrect calculation and a sort order index. August 16, 2012, 19:08 pm
CVE-2012-2745
4.7 MV Product/Version
affected:
MVL6 Kernel 2.6.32 Resolved
Medium kernel The copy_creds function in kernel/cred.c in the Linux kernel before 3.3.2 provides an invalid replacement session keyring to a child process, which allows local users to cause a denial of service (panic) via a crafted application that uses the fork system call. August 9, 2012, 05:08 am
CVE-2012-2744
7.8 MV Product/Version
affected:
CGE 6.0 Resolved
High kernel net/ipv6/netfilter/nf_conntrack_reasm.c in the Linux kernel before 2.6.34, when the nf_conntrack_ipv6 module is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via certain types of fragmented IPv6 packets. August 9, 2012, 05:08 am
CVE-2012-2739
5.0 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal openjdk Oracle Java SE before 7 Update 6, and OpenJDK 7 before 7u6 build 12 and 8 before build 39, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. November 28, 2012, 07:11 am
CVE-2012-2738
4.0 MV Product/Version
affected:
CGX 2.4 Resolved
CGX 2.2 Resolved
CGX 2.0 In progress
CGX 1.8 Resolved
CGE 7.0 Resolved
Normal vte The VteTerminal in gnome-terminal (vte) before 0.32.2 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape sequence with a large repeat count value. July 22, 2012, 11:07 am
CVE-2012-2693
3.7 MV Product/Version
affected:
CGE 6.0 Resolved
Low libvirt libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to access unintended USB devices. June 16, 2012, 22:06 pm
CVE-2012-2688
10.0 MV Product/Version
affected:
CGE 7.0 Resolved
Critical php Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an overflow. July 20, 2012, 05:07 am
CVE-2012-2686
5.0 MV Product/Version
affected:
CGE 6.0 Resolved
Consumer Mobilinux 5.0.24 Resolved
Medium openssl crypto/evp/e_aes_cbc_hmac_sha1.c in the AES-NI functionality in the TLS 1.1 and 1.2 implementations in OpenSSL 1.0.1 before 1.0.1d allows remote attackers to cause a denial of service (application crash) via crafted CBC data. February 8, 2013, 13:02 pm
CVE-2012-2669
2.1 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
Low kernel The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.4.5, does not validate the origin of Netlink messages, which allows local users to spoof Netlink communication via a crafted connector message. December 27, 2012, 05:12 am
CVE-2012-2668
4.3 MV Product/Version
affected:
Medium openldap libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote attackers to obtain sensitive information. June 16, 2012, 22:06 pm
CVE-2012-2663
7.5 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 1.8 Resolved
Consumer Mobilinux 5.0.24 Resolved
Professional PRO 5.0 Resolved
MVL6 Kernel 2.6.27 Resolved
MVL6 Kernel 2.6.28 Resolved
Professional PRO 5.0.24 Resolved
CGX 2.0 Resolved
Professional PRO 5.0 Resolved
High iptables extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant. February 15, 2014, 08:02 am
CVE-2012-2655
4.0 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
Normal postgresql PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0.8, and 9.1.x before 9.1.4 allows remote authenticated users to cause a denial of service (server crash) by adding the (1) SECURITY DEFINER or (2) SET attributes to a procedural language's call handler. July 18, 2012, 18:07 pm
CVE-2012-2652
4.4 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 2.0 Resolved
CGX 2.2 Resolved
CGX 2.4 Resolved
CGX 1.8 Resolved
Normal qemu The bdrv_open function in Qemu 1.0 does not properly handle the failure of the mkstemp function, when in snapshot mode, which allows local users to overwrite or read arbitrary files via a symlink attack on an unspecified temporary file. August 7, 2012, 15:08 pm
CVE-2012-2394
3.3 MV Product/Version
affected:
CGE 6.0 Resolved
Low wireshark Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not properly perform data alignment for a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a (1) ICMP or (2) ICMPv6 Echo Request packet. June 30, 2012, 05:06 am
CVE-2012-2393
3.3 MV Product/Version
affected:
CGE 6.0 Resolved
CGE 5.1 In progress
Low wireshark epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 does not properly construct certain array data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that triggers incorrect memory allocation. June 30, 2012, 05:06 am
CVE-2012-2392
3.3 MV Product/Version
affected:
CGE 6.0 Resolved
CGE 5.1 In progress
Low wireshark Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) ANSI MAP, (2) ASF, (3) IEEE 802.11, (4) IEEE 802.3, and (5) LTP dissectors. June 30, 2012, 05:06 am
CVE-2012-2390
4.9 MV Product/Version
affected:
Medium kernel Memory leak in mm/hugetlb.c in the Linux kernel before 3.4.2 allows local users to cause a denial of service (memory consumption or system crash) via invalid MAP_HUGETLB mmap operations. June 13, 2012, 05:06 am
CVE-2012-2389
2.1 MV Product/Version
affected:
Low hostapd hostapd 0.7.3, and possibly other versions before 1.0, uses 0644 permissions for /etc/hostapd/hostapd.conf, which might allow local users to obtain sensitive information such as credentials. June 21, 2012, 10:06 am
CVE-2012-2388
7.5 MV Product/Version
affected:
CGX 2.0 Resolved
CGX 1.8 Resolved
CGX 2.2 Resolved
CGE 7.0 Resolved
Serious strongswan The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka RSA signature verification vulnerability. June 27, 2012, 16:06 pm
CVE-2012-2386
7.5 MV Product/Version
affected:
Serious php Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that triggers a heap-based buffer overflow. July 7, 2012, 05:07 am
CVE-2012-2384
4.9 MV Product/Version
affected:
MVL6 Kernel 2.6.37 Resolved
Medium kernel Integer overflow in the i915_gem_do_execbuffer function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call. June 13, 2012, 05:06 am
CVE-2012-2383
4.9 MV Product/Version
affected:
MVL6 Kernel 2.6.37 Resolved
Medium kernel Integer overflow in the i915_gem_execbuffer2 function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call. June 13, 2012, 05:06 am
CVE-2012-2376
10.0 MV Product/Version
affected:
CGE 7.0 Resolved
Critical php Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and earlier on Windows allows remote attackers to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types, as exploited in the wild in May 2012. May 21, 2012, 10:05 am
CVE-2012-2375
4.6 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
Normal kernel The __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy operation, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words in an FATTR4_ACL reply. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-4131. June 13, 2012, 05:06 am
CVE-2012-2373
4.0 MV Product/Version
affected:
CGE 6.0 Resolved
Medium kernel The Linux kernel before 3.4.5 on the x86 platform, when Physical Address Extension (PAE) is enabled, does not properly use the Page Middle Directory (PMD), which allows local users to cause a denial of service (panic) via a crafted application that triggers a race condition. August 9, 2012, 05:08 am
CVE-2012-2372
4.4 MV Product/Version
affected:
MVL6 Kernel 2.6.30 Resolved
Medium kernel The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel 3.7.4 and earlier allows local users to cause a denial of service (BUG_ON and kernel panic) by establishing an RDS connection with the source IP address equal to the IPoIB interface's own IP address, as demonstrated by rds-ping. January 22, 2013, 17:01 pm
CVE-2012-2370
5.0 MV Product/Version
affected:
CGX 2.0 Resolved
CGX 2.4 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
CGX 2.2 Resolved
Normal gdk-pixbuf Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) height or (2) width in an XBM file, which triggers a heap-based buffer overflow. August 13, 2012, 15:08 pm
CVE-2012-2337
7.2 MV Product/Version
affected:
CGE 6.0 Resolved
High sudo sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunistic circumstances by executing a command on a host that has an IPv4 address. May 18, 2012, 13:05 pm
CVE-2012-2336
5.0 MV Product/Version
affected:
Medium php sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to cause a denial of service (resource consumption) by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the T case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823. May 11, 2012, 05:05 am
CVE-2012-2335
7.5 MV Product/Version
affected:
High php php-wrapper.fcgi does not properly handle command-line arguments, which allows remote attackers to bypass a protection mechanism in PHP 5.3.12 and 5.4.2 and execute arbitrary code by leveraging improper interaction between the PHP sapi/cgi/cgi_main.c component and a query string beginning with a +- sequence. May 11, 2012, 05:05 am
CVE-2012-2333
6.8 MV Product/Version
affected:
CGE 7.0 Resolved
Medium openssl Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted TLS packet that is not properly handled during a certain explicit IV calculation. May 14, 2012, 17:05 pm
CVE-2012-2330
6.4 MV Product/Version
affected:
Normal nodejs The Update method in src/node_http_parser.cc in Node.js before 0.6.17 and 0.7 before 0.7.8 does not properly check the length of a string, which allows remote attackers to obtain sensitive information (request header contents) and possibly spoof HTTP headers via a zero length string. August 13, 2012, 18:08 pm
CVE-2012-2329
5.0 MV Product/Version
affected:
Normal php Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service (application crash) via a long string in the header of an HTTP request. May 11, 2012, 05:05 am
CVE-2012-2322
5.0 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
Normal connman Integer overflow in the dhcpv6_get_option function in gdhcp/client.c in ConnMan before 0.85 allows remote attackers to cause a denial of service (infinite loop and crash) via an invalid length value in a DHCP packet. May 18, 2012, 17:05 pm
CVE-2012-2321
10.0 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 1.8 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Critical connman The loopback plug-in in ConnMan before 0.85 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) host name or (2) domain name in a DHCP reply. May 18, 2012, 17:05 pm
CVE-2012-2320
7.8 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 2.0 Resolved
CGX 2.2 Resolved
CGX 1.8 Resolved
Serious connman ConnMan before 0.85 does not ensure that netlink messages originate from the kernel, which allows remote attackers to bypass intended access restrictions and cause a denial of service via a crafted netlink message. May 18, 2012, 17:05 pm
CVE-2012-2319
7.2 MV Product/Version
affected:
Professional PRO 5.0 Resolved
Professional PRO 5.0 Resolved
Professional PRO 5.0.24 Resolved
MVL6 Kernel 2.6.27 Resolved
Consumer Mobilinux 5.0.24 Resolved
High kernel Multiple buffer overflows in the hfsplus filesystem implementation in the Linux kernel before 3.3.5 allow local users to gain privileges via a crafted HFS plus filesystem, a related issue to CVE-2009-4020. May 17, 2012, 06:05 am
CVE-2012-2313
1.2 MV Product/Version
affected:
MVL6 Kernel 2.6.27 Resolved
Professional PRO 5.0.24 Resolved
Professional PRO 5.0 Resolved
Professional PRO 5.0 Resolved
Consumer Mobilinux 5.0.24 Resolved
Low kernel The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call. June 13, 2012, 05:06 am
CVE-2012-2311
7.5 MV Product/Version
affected:
High php sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the d case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823. May 11, 2012, 05:05 am
CVE-2012-2213
5.0 MV Product/Version
affected:
Normal squid ** DISPUTED ** Squid 3.1.9 allows remote attackers to bypass the access configuration for the CONNECT method by providing an arbitrary allowed hostname in the Host HTTP header. NOTE: this issue might not be reproducible, because the researcher is unable to provide a squid.conf file for a vulnerable system, and the observed behavior is consistent with a squid.conf file that was (perhaps inadvertently) designed to allow access based on a req_header Host acl regex that matches www.uol.com.br. April 28, 2012, 05:04 am
CVE-2012-2150
5.0 MV Product/Version
affected:
Normal xfsprogs xfs_metadump in xfsprogs before 3.2.4 does not properly obfuscate file data, which allows remote attackers to obtain sensitive information by reading a generated image. August 25, 2015, 12:08 pm
CVE-2012-2143
4.3 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal postgresql php The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an authentication attempt with an initial substring of the intended password, as demonstrated by a Unicode password. July 5, 2012, 09:07 am
CVE-2012-2141
3.5 MV Product/Version
affected:
CGE 6.0 Resolved
Low net-snmp Array index error in the handle_nsExtendOutput2Table function in agent/mibgroup/agent/extend.c in Net-SNMP 5.7.1 allows remote authenticated users to cause a denial of service (out-of-bounds read and snmpd crash) via an SNMP GET request for an entry not in the extension table. August 14, 2012, 17:08 pm
CVE-2012-2137
6.9 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
Normal kernel Buffer overflow in virt/kvm/irq_comm.c in the KVM subsystem in the Linux kernel before 3.2.24 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to Message Signaled Interrupts (MSI), irq routing entries, and an incorrect check by the setup_routing_entry function before invoking the kvm_set_irq function. January 22, 2013, 17:01 pm
CVE-2012-2136
7.2 MV Product/Version
affected:
MVL6 Kernel 2.6.27 Resolved
High kernel The sock_alloc_send_pskb function in net/core/sock.c in the Linux kernel before 3.4.5 does not properly validate a certain length value, which allows local users to cause a denial of service (heap-based buffer overflow and system crash) or possibly gain privileges by leveraging access to a TUN/TAP device. August 9, 2012, 05:08 am
CVE-2012-2135
6.4 MV Product/Version
affected:
CGX 1.8 Resolved
CGE 7.0 Resolved
CGX 2.0 Resolved
Medium python The utf-16 decoder in Python 3.1 through 3.3 does not update the aligned_end variable after calling the unicode_decode_call_errorhandler function, which allows remote attackers to obtain sensitive information (process memory) or cause a denial of service (memory corruption and crash) via unspecified vectors. August 14, 2012, 17:08 pm
CVE-2012-2133
4.0 MV Product/Version
affected:
CGE 6.0 Resolved
Professional PRO 5.0 Resolved
Professional PRO 5.0 Resolved
MVL6 Kernel 2.6.27 Resolved
Medium kernel Use-after-free vulnerability in the Linux kernel before 3.3.6, when huge pages are enabled, allows local users to cause a denial of service (system crash) or possibly gain privileges by interacting with a hugetlbfs filesystem, as demonstrated by a umount operation that triggers improper handling of quota data. July 3, 2012, 11:07 am
CVE-2012-2132
5.0 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
Normal libsoup libsoup 2.32.2 and earlier does not validate certificates or clear the trust flag when the ssl-ca-file does not exist, which allows remote attackers to bypass authentication by connecting with an SSL connection. August 20, 2012, 13:08 pm
CVE-2012-2131
7.5 MV Product/Version
affected:
High openssl Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v allow remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2110. April 24, 2012, 15:04 pm
CVE-2012-2127
5.0 MV Product/Version
affected:
CGX 2.0 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
CGX 2.2 Resolved
CGX 1.8 Resolved
Normal kernel fs/proc/root.c in the procfs implementation in the Linux kernel before 3.2 does not properly interact with CLONE_NEWPID clone system calls, which allows remote attackers to cause a denial of service (reference leak and memory consumption) by making many connections to a daemon that uses PID namespaces to isolate clients, as demonstrated by vsftpd. June 21, 2012, 18:06 pm
CVE-2012-2123
7.2 MV Product/Version
affected:
MVL6 Kernel 2.6.35 Resolved
MVL6 Kernel 2.6.29 Resolved
High kernel The cap_bprm_set_creds function in security/commoncap.c in the Linux kernel before 3.3.3 does not properly handle the use of file system capabilities (aka fcaps) for implementing a privileged executable file, which allows local users to bypass intended personality restrictions via a crafted application, as demonstrated by an attack that uses a parent process to disable ASLR. May 17, 2012, 06:05 am
CVE-2012-2122
5.1 MV Product/Version
affected:
CGX 2.2 Resolved
CGE 7.0 Resolved
CGX 2.0 In progress
Normal mysql mariadb sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote attackers to bypass authentication by repeatedly authenticating with the same incorrect password, which eventually causes a token comparison to succeed due to an improperly-checked return value. June 26, 2012, 13:06 pm
CVE-2012-2121
4.9 MV Product/Version
affected:
MVL6 Kernel 2.6.32 Resolved
Medium kernel The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (memory leak and host OS crash) by leveraging administrative access to the guest OS to conduct hotunplug and hotplug operations on devices. May 17, 2012, 06:05 am
CVE-2012-2119
5.2 MV Product/Version
affected:
MVL6 Kernel 2.6.34 Resolved
Medium kernel Buffer overflow in the macvtap device driver in the Linux kernel before 3.4.5, when running in certain configurations, allows privileged KVM guest users to cause a denial of service (crash) via a long descriptor with a long vector length. January 22, 2013, 17:01 pm
CVE-2012-2118
10.0 MV Product/Version
affected:
High x11 Format string vulnerability in the LogVHdrMessageVerb function in os/log.c in X.Org X11 1.11 allows attackers to cause a denial of service or possibly execute arbitrary code via format string specifiers in an input device name. May 18, 2012, 17:05 pm
CVE-2012-2111
6.5 MV Product/Version
affected:
Medium samba The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x before 3.5.15, and 3.6.x before 3.6.5 do not properly restrict modifications to the privileges database, which allows remote authenticated users to obtain the take ownership privilege via an LSA connection. April 30, 2012, 09:04 am
CVE-2012-2110
7.5 MV Product/Version
affected:
High openssl The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. April 19, 2012, 12:04 pm
CVE-2012-2102
3.5 MV Product/Version
affected:
Low mysql MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT. August 16, 2012, 19:08 pm
CVE-2012-2100
7.1 MV Product/Version
affected:
MVL6 Kernel 2.6.27 Resolved
High kernel The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 3.2.2, on the x86 platform and unspecified other platforms, allows user-assisted remote attackers to trigger inconsistent filesystem-groups data and possibly cause a denial of service via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size (aka s_log_groups_per_flex value). NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-4307. July 3, 2012, 11:07 am
CVE-2012-2089
5.1 MV Product/Version
affected:
Normal nginx Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file. April 17, 2012, 16:04 pm
CVE-2012-1902
4.3 MV Product/Version
affected:
Normal phpmyadmin show_config_errors.php in phpMyAdmin 3.4.x before 3.4.10.2, when a configuration file does not exist, allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message about this missing file. April 6, 2012, 14:04 pm
CVE-2012-1823
7.5 MV Product/Version
affected:
High php sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the d case. May 11, 2012, 05:05 am
CVE-2012-1820
2.9 MV Product/Version
affected:
CGX 1.8 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Low quagga The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message. June 13, 2012, 10:06 am
CVE-2012-1757
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. July 17, 2012, 18:07 pm
CVE-2012-1756
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors. July 17, 2012, 17:07 pm
CVE-2012-1735
6.8 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. July 17, 2012, 17:07 pm
CVE-2012-1734
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. July 17, 2012, 17:07 pm
CVE-2012-1705
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. January 16, 2013, 19:01 pm
CVE-2012-1703
6.8 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1690. May 3, 2012, 17:05 pm
CVE-2012-1702
5.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors. January 16, 2013, 19:01 pm
CVE-2012-1697
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition. May 3, 2012, 17:05 pm
CVE-2012-1696
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. May 3, 2012, 17:05 pm
CVE-2012-1690
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1703. May 3, 2012, 17:05 pm
CVE-2012-1689
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. July 17, 2012, 17:07 pm
CVE-2012-1688
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML. May 3, 2012, 17:05 pm
CVE-2012-1667
8.5 MV Product/Version
affected:
High bind ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record. June 5, 2012, 11:06 am
CVE-2012-1663
7.5 MV Product/Version
affected:
CGE 6.0 Resolved
High gnutls Double free vulnerability in libgnutls in GnuTLS before 3.0.14 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted certificate list. March 13, 2012, 17:03 pm
CVE-2012-1618
7.5 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Serious postgresql Interaction error in the PostgreSQL JDBC driver before 8.2, when used with a PostgreSQL server with the standard_conforming_strings option enabled, such as the default configuration of PostgreSQL 9.1, does not properly escape unspecified JDBC statement parameters, which allows remote attackers to perform SQL injection attacks. NOTE: as of 20120330, it was claimed that the upstream developer planned to dispute this issue, but an official dispute has not been posted as of 20121005. October 6, 2012, 17:10 pm
CVE-2012-1601
4.9 MV Product/Version
affected:
MVL6 Kernel 2.6.32 Resolved
Medium kernel The KVM implementation in the Linux kernel before 3.3.6 allows host OS users to cause a denial of service (NULL pointer dereference and host OS crash) by making a KVM_CREATE_IRQCHIP ioctl call after a virtual CPU already exists. May 17, 2012, 06:05 am
CVE-2012-1596
5.0 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
Medium wireshark The mp2t_process_fragmented_payload function in epan/dissectors/packet-mp2t.c in the MP2T dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a packet containing an invalid pointer value that triggers an incorrect memory-allocation attempt. April 11, 2012, 05:04 am
CVE-2012-1595
4.3 MV Product/Version
affected:
CGE 6.0 Resolved
CGE 5.1 Resolved
Medium wireshark The pcap_process_pseudo_header function in wiretap/pcap-common.c in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a WTAP_ENCAP_ERF file containing an Extension or Multi-Channel header with an invalid pseudoheader size, related to the pcap and pcap-ng file parsers. April 11, 2012, 05:04 am
CVE-2012-1594
3.3 MV Product/Version
affected:
CGE 5.1 Resolved
Low wireshark epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. April 11, 2012, 05:04 am
CVE-2012-1593
3.3 MV Product/Version
affected:
CGE 6.0 Resolved
CGE 5.1 Resolved
Low wireshark epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet. April 11, 2012, 05:04 am
CVE-2012-1586
2.1 MV Product/Version
affected:
CGE 7.0 Resolved
CGE 7.0 Resolved
Low cifs-utils mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or directories via the file path in the second argument, which reveals their existence in an error message. August 27, 2012, 18:08 pm
CVE-2012-1584
4.3 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal taglib Integer overflow in the mid function in toolkit/tbytevector.cpp in TagLib 1.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted file header field in a media file, which triggers a large memory allocation. September 6, 2012, 13:09 pm
CVE-2012-1583
5.0 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 1.8 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 2.0 Resolved
Normal kernel Double free vulnerability in the xfrm6_tunnel_rcv function in net/ipv6/xfrm6_tunnel.c in the Linux kernel before 2.6.22, when the xfrm6_tunnel module is enabled, allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets. June 16, 2012, 16:06 pm
CVE-2012-1573
5.0 MV Product/Version
affected:
CGE 6.0 Resolved
Medium gnutls gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure. March 26, 2012, 14:03 pm
CVE-2012-1571
4.3 MV Product/Version
affected:
CGE 7.0 Resolved
CGE 7.0 Resolved
Medium file file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference. July 17, 2012, 16:07 pm
CVE-2012-1569
5.0 MV Product/Version
affected:
Medium gnutls The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly have unspecified other impact via a crafted ASN.1 structure. March 26, 2012, 14:03 pm
CVE-2012-1568
1.9 MV Product/Version
affected:
MVL6 Kernel 2.6.27 Resolved
Low fedora The ExecShield feature in a certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 5 and 6 and Fedora 15 and 16 does not properly handle use of many shared libraries by a 32-bit executable file, which makes it easier for context-dependent attackers to bypass the ASLR protection mechanism by leveraging a predictable base address for one of these libraries. February 28, 2013, 23:02 pm
CVE-2012-1190
4.3 MV Product/Version
affected:
Normal phpmyadmin Cross-site scripting (XSS) vulnerability in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted database name. May 2, 2012, 23:05 pm
CVE-2012-1182
10.0 MV Product/Version
affected:
High samba The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call. April 10, 2012, 16:04 pm
CVE-2012-1180
5.0 MV Product/Version
affected:
Normal nginx Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request. April 17, 2012, 16:04 pm
CVE-2012-1179
5.2 MV Product/Version
affected:
CGE 6.0 Resolved
Medium kernel The Linux kernel before 3.3.1, when KVM is used, allows guest OS users to cause a denial of service (host OS crash) by leveraging administrative access to the guest OS, related to the pmd_none_or_clear_bad function and page faults for huge pages. May 17, 2012, 06:05 am
CVE-2012-1174
3.3 MV Product/Version
affected:
CGX 2.0 Resolved
CGE 7.0 Resolved
Low systemd The rm_rf_children function in util.c in the systemd-logind login manager in systemd before 44, when logging out, allows local users to delete arbitrary files via a symlink attack on unspecified files, related to particular records related with user session. July 12, 2012, 15:07 pm
CVE-2012-1173
6.8 MV Product/Version
affected:
Medium tiff Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTileSeparate or (2) gtStripSeparate function, leading to a heap-based buffer overflow. June 4, 2012, 15:06 pm
CVE-2012-1172
5.8 MV Product/Version
affected:
Normal php The file-upload implementation in rfc1867.c in PHP before 5.4.0 does not properly handle invalid [ (open square bracket) characters in name values, which makes it easier for remote attackers to cause a denial of service (malformed $_FILES indexes) or conduct directory traversal attacks during multi-file uploads by leveraging a script that lacks its own filename restrictions. May 23, 2012, 19:05 pm
CVE-2012-1171
5.0 MV Product/Version
affected:
Normal php The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper. February 15, 2014, 08:02 am
CVE-2012-1165
5.0 MV Product/Version
affected:
CGE 7.0 Resolved
Medium openssl The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250. March 15, 2012, 12:03 pm
CVE-2012-1164
2.6 MV Product/Version
affected:
CGE 6.0 Resolved
Low openldap slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an LDAP search query with attrsOnly set to true, which causes empty attributes to be returned. June 29, 2012, 14:06 pm
CVE-2012-1151
5.0 MV Product/Version
affected:
CGX 1.8 Resolved
CGX 2.4 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal perl Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service (process crash) via format string specifiers in (1) a crafted database warning to the pg_warn function or (2) a crafted DBD statement to the dbd_st_prepare function. September 9, 2012, 16:09 pm
CVE-2012-1150
5.0 MV Product/Version
affected:
CGE 7.0 Resolved
CGE 7.0 Resolved
CGE 6.0 Resolved
Medium python Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. October 5, 2012, 16:10 pm
CVE-2012-1148
5.0 MV Product/Version
affected:
CGE 6.0 Resolved
Medium expat Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities. July 3, 2012, 14:07 pm
CVE-2012-1147
4.3 MV Product/Version
affected:
CGE 6.0 Resolved
Medium expat readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files. July 3, 2012, 14:07 pm
CVE-2012-1146
10.0 MV Product/Version
affected:
MVL6 Kernel 2.6.34 Resolved
High kernel The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by registering memory threshold events. May 17, 2012, 06:05 am
CVE-2012-1144
9.3 MV Product/Version
affected:
High freetype FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font. April 25, 2012, 05:04 am
CVE-2012-1143
4.3 MV Product/Version
affected:
Medium freetype FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font. April 25, 2012, 05:04 am
CVE-2012-1142
9.3 MV Product/Version
affected:
High freetype FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font. April 25, 2012, 05:04 am
CVE-2012-1141
9.3 MV Product/Version
affected:
High freetype FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font. April 25, 2012, 05:04 am
CVE-2012-1140
9.3 MV Product/Version
affected:
High freetype FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted PostScript font object. April 25, 2012, 05:04 am
CVE-2012-1139
9.3 MV Product/Version
affected:
High freetype Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font. April 25, 2012, 05:04 am
CVE-2012-1138
9.3 MV Product/Version
affected:
High freetype FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the MIRP instruction in a TrueType font. April 25, 2012, 05:04 am
CVE-2012-1137
9.3 MV Product/Version
affected:
High freetype FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted header in a BDF font. April 25, 2012, 05:04 am
CVE-2012-1136
9.3 MV Product/Version
affected:
High freetype FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field. April 25, 2012, 05:04 am
CVE-2012-1135
9.3 MV Product/Version
affected:
High freetype FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the NPUSHB and NPUSHW instructions in a TrueType font. April 25, 2012, 05:04 am
CVE-2012-1134
9.3 MV Product/Version
affected:
High freetype FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font. April 25, 2012, 05:04 am
CVE-2012-1133
9.3 MV Product/Version
affected:
High freetype FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font. April 25, 2012, 05:04 am
CVE-2012-1132
9.3 MV Product/Version
affected:
High freetype FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary data in a Type 1 font. April 25, 2012, 05:04 am
CVE-2012-1131
9.3 MV Product/Version
affected:
High freetype FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related to the cell table of a font. April 25, 2012, 05:04 am
CVE-2012-1130
9.3 MV Product/Version
affected:
High freetype FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a PCF font. April 25, 2012, 05:04 am
CVE-2012-1129
9.3 MV Product/Version
affected:
High freetype FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted SFNT string in a Type 42 font. April 25, 2012, 05:04 am
CVE-2012-1128
9.3 MV Product/Version
affected:
High freetype FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType font. April 25, 2012, 05:04 am
CVE-2012-1127
9.3 MV Product/Version
affected:
High freetype FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font. April 25, 2012, 05:04 am
CVE-2012-1126
10.0 MV Product/Version
affected:
High freetype FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font. April 25, 2012, 05:04 am
CVE-2012-1108
4.3 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal taglib The parse function in ogg/xiphcomment.cpp in TagLib 1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted vendorLength field in an ogg file. September 6, 2012, 13:09 pm
CVE-2012-1107
4.3 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal taglib The analyzeCurrent function in ape/apeproperties.cpp in TagLib 1.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted sampleRate in an ape file, which triggers a divide-by-zero error. September 6, 2012, 13:09 pm
CVE-2012-1097
7.2 MV Product/Version
affected:
MVL6 Kernel 2.6.27 Resolved
High kernel The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a (1) PTRACE_GETREGSET or (2) PTRACE_SETREGSET ptrace call. May 17, 2012, 06:05 am
CVE-2012-1090
4.9 MV Product/Version
affected:
MVL6 Kernel 2.6.31 Resolved
Medium kernel The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO. May 17, 2012, 06:05 am
CVE-2012-1088
3.3 MV Product/Version
affected:
CGE 6.0 Resolved
Low iproute2 iproute2 before 3.3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file used by (1) configure or (2) examples/dhcp-client-script. February 15, 2014, 08:02 am
CVE-2012-1033
5.0 MV Product/Version
affected:
CGE 7.0 Resolved
Medium bind The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a ghost domain names attack. February 8, 2012, 14:02 pm
CVE-2012-1017
7.5 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
CGE 7.0 Resolved
CGX 1.8 Resolved
CGX 2.4 Resolved
Serious base Multiple SQL injection vulnerabilities in base_qry_main.php in Basic Analysis and Security Engine (BASE) 1.4.5 allow remote attackers to execute arbitrary SQL commands via the (1) ip_addr[0][1], (2) ip_addr[0][2], or (3) ip_addr[0][9] parameters. February 7, 2012, 18:02 pm
CVE-2012-0961
2.1 MV Product/Version
affected:
Low apt Apt 0.8.16~exp5ubuntu13.x before 0.8.16~exp5ubuntu13.6, 0.8.16~exp12ubuntu10.x before 0.8.16~exp12ubuntu10.7, and 0.9.7.5ubuntu5.x before 0.9.7.5ubuntu5.2, as used in Ubuntu, uses world-readable permissions for /var/log/apt/term.log, which allows local users to obtain sensitive shell information by reading the log file. December 26, 2012, 16:12 pm
CVE-2012-0957
4.9 MV Product/Version
affected:
CGX 2.0 Resolved
CGX 1.8 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal kernel The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality. December 21, 2012, 05:12 am
CVE-2012-0954
2.6 MV Product/Version
affected:
Low apt APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import keyrings, relies on GnuPG argument order and does not check GPG subkeys, which might allow remote attackers to install altered packages via a man-in-the-middle (MITM) attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3587. June 19, 2012, 15:06 pm
CVE-2012-0884
5.0 MV Product/Version
affected:
CGE 7.0 Resolved
Medium openssl The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data via a Million Message Attack (MMA) adaptive chosen ciphertext attack. March 12, 2012, 22:03 pm
CVE-2012-0882
7.5 MV Product/Version
affected:
Serious mysql Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE. December 20, 2012, 23:12 pm
CVE-2012-0879
4.9 MV Product/Version
affected:
Consumer Mobilinux 5.0.24 Resolved
Professional PRO 5.0 Resolved
Professional PRO 5.0.24 Resolved
MVL6 Kernel 2.6.27 Resolved
Professional PRO 5.0 Resolved
Medium kernel The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly handle the CLONE_IO feature, which allows local users to cause a denial of service (I/O instability) by starting multiple processes that share an I/O context. May 17, 2012, 06:05 am
CVE-2012-0876
4.3 MV Product/Version
affected:
CGE 6.0 Resolved
CGE 6.0 Resolved
Medium expat The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value. July 3, 2012, 14:07 pm
CVE-2012-0875
5.4 MV Product/Version
affected:
Medium systemtap SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel panic and crash) via vectors related to crafted DWARF data, which triggers a read of an invalid pointer. February 4, 2014, 17:02 pm
CVE-2012-0871
6.3 MV Product/Version
affected:
Medium systemd The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/. April 18, 2014, 09:04 am
CVE-2012-0870
7.9 MV Product/Version
affected:
CGX 2.2 Resolved
CGE 7.0 Resolved
Serious samba Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers infinite recursion. February 23, 2012, 06:02 am
CVE-2012-0868
6.8 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal postgresql CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows user-assisted remote attackers to execute arbitrary SQL commands via a crafted file containing object names with newlines, which are inserted into an SQL script that is used when the database is restored. July 18, 2012, 18:07 pm
CVE-2012-0867
4.3 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal postgresql PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof connections when the host name is exactly 32 characters. July 18, 2012, 18:07 pm
CVE-2012-0866
6.5 MV Product/Version
affected:
CGE 7.0 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
Normal postgresql CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY DEFINER, which allows remote authenticated users to execute otherwise restricted triggers on arbitrary data by installing the trigger on an attacker-owned table. July 18, 2012, 18:07 pm
CVE-2012-0864
6.8 MV Product/Version
affected:
MVL6 Toolchain 4.4 Resolved
CGE 6.0 Resolved
Medium glibc Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments. May 2, 2013, 09:05 am
CVE-2012-0862
4.3 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
Medium xinetd builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1. June 4, 2012, 15:06 pm
CVE-2012-0845
5.0 MV Product/Version
affected:
CGE 6.0 Resolved
CGE 7.0 Resolved
Medium python SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smaller amount of data than specified by the Content-Length header. October 5, 2012, 16:10 pm
CVE-2012-0841
5.0 MV Product/Version
affected:
CGE 6.0 Resolved
Medium libxml2 libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data. December 20, 2012, 23:12 pm
CVE-2012-0840
5.0 MV Product/Version
affected:
CGE 6.0 Resolved
Medium portable_runtime tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. February 10, 2012, 13:02 pm
CVE-2012-0831
6.8 MV Product/Version
affected:
Normal php PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c. February 10, 2012, 14:02 pm
CVE-2012-0830
7.5 MV Product/Version
affected:
Serious php The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885. February 6, 2012, 14:02 pm
CVE-2012-0817
5.0 MV Product/Version
affected:
CGX 2.2 Resolved
CGE 7.0 Resolved
Normal samba Memory leak in smbd in Samba 3.6.x before 3.6.3 allows remote attackers to cause a denial of service (memory and CPU consumption) by making many connection requests. January 30, 2012, 11:01 am
CVE-2012-0815
6.8 MV Product/Version
affected:
CGE 6.0 Resolved
Medium rpm The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative value in a region offset of a package header, which is not properly handled in a numeric range comparison. June 4, 2012, 15:06 pm
CVE-2012-0814
3.5 MV Product/Version
affected:
CGE 5.1 Resolved
CGE 6.0 Resolved
Low openssh The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory. January 27, 2012, 13:01 pm
CVE-2012-0811
6.5 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
Normal postfix Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixadmin) before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the pw parameter to the pacrypt function, when mysql_encrypt is configured, or (2) unspecified vectors that are used in backup files generated by backup.php. October 1, 2014, 09:10 am
CVE-2012-0809
7.2 MV Product/Version
affected:
High sudo Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local users to execute arbitrary code via format string sequences in the program name for sudo. January 31, 2012, 18:01 pm
CVE-2012-0805
7.5 MV Product/Version
affected:
Serious sqlalchemy Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, as used in Keystone, allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset keyword to the select function, or unspecified vectors to the (3) select.limit or (4) select.offset function. June 5, 2012, 17:06 pm
CVE-2012-0789
5.0 MV Product/Version
affected:
Medium php Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache. February 14, 2012, 09:02 am
CVE-2012-0788
5.0 MV Product/Version
affected:
Medium php The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server. February 14, 2012, 09:02 am
CVE-2012-0787
3.7 MV Product/Version
affected:
CGX 2.0 Resolved
CGE 7.0 Resolved
Low augeas The clone_file function in transfer.c in Augeas before 1.0.0, when copy_if_rename_fails is set and EXDEV or EBUSY is returned by the rename function, allows local users to overwrite arbitrary files and obtain sensitive information via a bind mount on the (1) .augsave or (2) destination file when using the backup save option, or (3) .augnew file when using the newfile save option. November 23, 2013, 12:11 pm
CVE-2012-0786
3.3 MV Product/Version
affected:
CGX 2.0 Resolved
CGE 7.0 Resolved
Low augeas The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file. November 23, 2013, 12:11 pm
CVE-2012-0781
5.0 MV Product/Version
affected:
Normal php The tidy_diagnose function in PHP 5.3.8 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that attempts to perform Tidy::diagnose operations on invalid objects, a different vulnerability than CVE-2011-4153. January 18, 2012, 14:01 pm
CVE-2012-0698
5.0 MV Product/Version
affected:
CGX 2.0 Resolved
CGE 7.0 Resolved
CGX 2.2 Resolved
Normal trousers tcsd in TrouSerS before 0.3.10 allows remote attackers to cause a denial of service (daemon crash) via a crafted type_offset value in a TCP packet to port 30003. November 26, 2012, 06:11 am
CVE-2012-0648
7.6 MV Product/Version
affected:
CGX 1.8 Resolved
Serious webkit WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. March 8, 2012, 16:03 pm
CVE-2012-0639
7.6 MV Product/Version
affected:
CGX 1.8 Resolved
Serious webkit WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. March 8, 2012, 16:03 pm
CVE-2012-0638
7.6 MV Product/Version
affected:
CGX 1.8 Resolved
Serious webkit WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. March 8, 2012, 16:03 pm
CVE-2012-0637
7.6 MV Product/Version
affected:
CGX 1.8 Resolved
Serious webkit WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. March 8, 2012, 16:03 pm
CVE-2012-0636
7.6 MV Product/Version
affected:
CGX 1.8 Resolved
Serious webkit WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. March 8, 2012, 16:03 pm
CVE-2012-0634
7.6 MV Product/Version
affected:
CGX 1.8 Resolved
Serious webkit WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. March 8, 2012, 16:03 pm
CVE-2012-0583
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM. May 3, 2012, 17:05 pm
CVE-2012-0578
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. January 16, 2013, 19:01 pm
CVE-2012-0574
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors. January 16, 2013, 19:01 pm
CVE-2012-0572
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. January 16, 2013, 19:01 pm
CVE-2012-0553
7.5 MV Product/Version
affected:
Serious mysql Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.28, has unspecified impact and attack vectors, a different vulnerability than CVE-2013-1492. March 28, 2013, 18:03 pm
CVE-2012-0540
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension. July 17, 2012, 17:07 pm
CVE-2012-0496
4.3 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors. January 18, 2012, 16:01 pm
CVE-2012-0495
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, and CVE-2012-0493. January 18, 2012, 16:01 pm
CVE-2012-0494
1.7 MV Product/Version
affected:
Low mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows local users to affect availability via unknown vectors. January 18, 2012, 16:01 pm
CVE-2012-0493
2.1 MV Product/Version
affected:
Low mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, and CVE-2012-0495. January 18, 2012, 16:01 pm
CVE-2012-0492
2.1 MV Product/Version
affected:
Low mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0485. January 18, 2012, 16:01 pm
CVE-2012-0491
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0493, and CVE-2012-0495. January 18, 2012, 16:01 pm
CVE-2012-0490
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors. January 18, 2012, 16:01 pm
CVE-2012-0489
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495. January 18, 2012, 16:01 pm
CVE-2012-0488
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495. January 18, 2012, 16:01 pm
CVE-2012-0487
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495. January 18, 2012, 16:01 pm
CVE-2012-0486
5.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495. January 18, 2012, 16:01 pm
CVE-2012-0485
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0492. January 18, 2012, 16:01 pm
CVE-2012-0484
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect confidentiality via unknown vectors. January 18, 2012, 16:01 pm
CVE-2012-0390
4.3 MV Product/Version
affected:
Medium gnutls The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain error-handling code only if there is a specific relationship between a padding length and the ciphertext size, which makes it easier for remote attackers to recover partial plaintext via a timing side-channel attack, a related issue to CVE-2011-4108. January 5, 2012, 19:01 pm
CVE-2012-0255
5.0 MV Product/Version
affected:
CGX 2.0 Resolved
CGX 1.8 Resolved
CGX 2.2 Resolved
CGE 7.0 Resolved
Normal quagga The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed Four-octet AS Number Capability (aka AS4 capability). April 5, 2012, 08:04 am
CVE-2012-0250
3.3 MV Product/Version
affected:
CGX 2.0 Resolved
CGX 2.2 Resolved
CGX 1.8 Resolved
CGE 7.0 Resolved
Low quagga Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field. April 5, 2012, 08:04 am
CVE-2012-0249
3.3 MV Product/Version
affected:
CGX 1.8 Resolved
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Low quagga Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header. April 5, 2012, 08:04 am
CVE-2012-0219
6.2 MV Product/Version
affected:
CGX 2.4 Resolved
CGX 1.8 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
CGX 2.2 Resolved
Normal socat Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in socat 1.4.0.0 through 1.7.2.0 and 2.0.0-b1 through 2.0.0-b4 allows local users to execute arbitrary code via the READLINE address. June 21, 2012, 10:06 am
CVE-2012-0216
4.4 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
Normal apache2 The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when mod_php or mod_rivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting (XSS) attacks, gain privileges, or obtain sensitive information via vectors involving localhost HTTP requests to the Apache HTTP Server. April 22, 2012, 13:04 pm
CVE-2012-0213
5.0 MV Product/Version
affected:
Normal poi The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value in a Channel Definition Format (CDF) or Compound File Binary Format (CFBF) document. August 7, 2012, 16:08 pm
CVE-2012-0207
7.8 MV Product/Version
affected:
MVL6 Kernel 2.6.36 Resolved
MVL6 Kernel 2.6.36 Resolved
High kernel The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets. May 17, 2012, 06:05 am
CVE-2012-0120
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0485, and CVE-2012-0492. January 18, 2012, 16:01 pm
CVE-2012-0119
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492. January 18, 2012, 16:01 pm
CVE-2012-0118
4.9 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0113. January 18, 2012, 16:01 pm
CVE-2012-0117
3.5 MV Product/Version
affected:
Low mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495. January 18, 2012, 16:01 pm
CVE-2012-0116
4.9 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors. January 18, 2012, 16:01 pm
CVE-2012-0115
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492. January 18, 2012, 16:01 pm
CVE-2012-0114
3.0 MV Product/Version
affected:
Low mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors. January 18, 2012, 16:01 pm
CVE-2012-0113
5.5 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0118. January 18, 2012, 16:01 pm
CVE-2012-0112
3.5 MV Product/Version
affected:
Low mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492. January 18, 2012, 16:01 pm
CVE-2012-0102
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0101. January 18, 2012, 16:01 pm
CVE-2012-0101
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0102. January 18, 2012, 16:01 pm
CVE-2012-0087
4.0 MV Product/Version
affected:
Normal mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0101 and CVE-2012-0102. January 18, 2012, 16:01 pm
CVE-2012-0075
1.7 MV Product/Version
affected:
Low mysql Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors. January 18, 2012, 16:01 pm
CVE-2012-0068
4.3 MV Product/Version
affected:
CGE 5.1 In progress
CGE 6.0 Resolved
Medium wireshark The lanalyzer_read function in wiretap/lanalyzer.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a Novell capture file containing a record that is too small. April 11, 2012, 05:04 am
CVE-2012-0067
4.3 MV Product/Version
affected:
CGE 5.1 In progress
CGE 6.0 Resolved
Medium wireshark wiretap/iptrace.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in an AIX iptrace file. April 11, 2012, 05:04 am
CVE-2012-0066
4.3 MV Product/Version
affected:
CGE 5.1 In progress
CGE 6.0 Resolved
Medium wireshark Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a (1) Accellent 5Views (aka .5vw) file, (2) I4B trace file, or (3) NETMON 2 capture file. April 11, 2012, 05:04 am
CVE-2012-0064
4.6 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGE 7.0 In progress
Normal xkeyboard-config xkeyboard-config before 2.5 in X.Org before 7.6 enables certain XKB debugging functions by default, which allows physically proximate attackers to bypass an X screen lock via keyboard combinations that break the input grab. February 10, 2014, 17:02 pm
CVE-2012-0061
6.8 MV Product/Version
affected:
CGE 6.0 Resolved
Medium rpm The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not properly validate region tags, which allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large region size in a package header. June 4, 2012, 15:06 pm
CVE-2012-0060
6.8 MV Product/Version
affected:
CGE 6.0 Resolved
Medium rpm RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an invalid region tag in a package header to the (1) headerLoad, (2) rpmReadSignature, or (3) headerVerify function. June 4, 2012, 15:06 pm
CVE-2012-0058
4.9 MV Product/Version
affected:
Medium kernel The kiocb_batch_free function in fs/aio.c in the Linux kernel before 3.2.2 allows local users to cause a denial of service (OOPS) via vectors that trigger incorrect iocb management. May 17, 2012, 06:05 am
CVE-2012-0057
6.4 MV Product/Version
affected:
Medium php PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension. February 1, 2012, 18:02 pm
CVE-2012-0056
6.9 MV Product/Version
affected:
MVL6 Kernel 2.6.38 Resolved
Medium kernel The mem_write function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc/<pid>/mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper. January 27, 2012, 09:01 am
CVE-2012-0053
4.3 MV Product/Version
affected:
Medium apache protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script. January 27, 2012, 22:01 pm
CVE-2012-0050
5.0 MV Product/Version
affected:
CGX 2.2 Resolved
CGX 2.0 Resolved
CGX 1.8 Resolved
CGX 2.4 Resolved
CGE 7.0 Resolved
Normal openssl OpenSSL 0.9.8s and 1.0.0f do not properly support DTLS applications, which allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an out-of-bounds read. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108. January 19, 2012, 13:01 pm
CVE-2012-0045
4.7 MV Product/Version
affected:
MVL6 Kernel 2.6.32 Resolved
Medium kernel The em_syscall function in arch/x86/kvm/emulate.c in the KVM implementation in the Linux kernel before 3.2.14 does not properly handle the 0f05 (aka syscall) opcode, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application, as demonstrated by an NASM file. July 3, 2012, 11:07 am
CVE-2012-0044
7.2 MV Product/Version
affected:
High kernel Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.1.5 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted ioctl call. May 17, 2012, 06:05 am
CVE-2012-0043
5.8 MV Product/Version
affected:
CGE 5.1 In progress
CGE 6.0 Resolved
Medium wireshark Buffer overflow in the reassemble_message function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a series of fragmented RLC packets. April 11, 2012, 05:04 am
CVE-2012-0042
2.9 MV Product/Version
affected:
CGE 5.1 In progress
CGE 6.0 Resolved
Low wireshark Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 does not properly perform certain string conversions, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet, related to epan/to_str.c. April 11, 2012, 05:04 am
CVE-2012-0041
4.3 MV Product/Version
affected:
CGE 5.1 In progress
CGE 6.0 Resolved
Medium wireshark The dissect_packet function in epan/packet.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a capture file, as demonstrated by an airopeek file. April 11, 2012, 05:04 am
CVE-2012-0039
5.0 MV Product/Version
affected:
CGX 2.4 Resolved
CGX 2.2 Resolved
CGX 1.8 Resolved
CGX 2.0 Resolved
CGE 7.0 Resolved
CGE 7.0 In progress
Normal glib ** DISPUTED ** GLib 2.31.8 and earlier, when the g_str_hash function is used, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. NOTE: this issue may be disputed by the vendor; the existence of the g_str_hash function is not a vulnerability in the library, because callers of g_hash_table_new and g_hash_table_new_full can specify an arbitrary hash function that is appropriate for the application. January 14, 2012, 11:01 am
CVE-2012-0038
4.9 MV Product/Version
affected:
MVL6 Kernel 2.6.32 Resolved
Medium kernel Integer overflow in the xfs_acl_from_disk function in fs/xfs/xfs_acl.c in the Linux kernel before 3.1.9 allows local users to cause a denial of service (panic) via a filesystem with a malformed ACL, leading to a heap-based buffer overflow. May 17, 2012, 06:05 am
CVE-2012-0036
7.5 MV Product/Version
affected:
High curl curl and libcurl 7.2x before 7.24.0 do not properly consider special characters during extraction of a pathname from a URL, which allows remote attackers to conduct data-injection attacks via a crafted URL, as demonstrated by a CRLF injection attack on the (1) IMAP, (2) POP3, or (3) SMTP protocol. April 13, 2012, 15:04 pm
CVE-2012-0031
4.6 MV Product/Version
affected:
Medium apache scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function. January 18, 2012, 14:01 pm
CVE-2012-0029
7.4 MV Product/Version
affected:
CGE 6.0 Resolved
High qemu-kvm Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets. January 27, 2012, 09:01 am
CVE-2012-0028
7.2 MV Product/Version
affected:
MVL5 Kernel 2.6.29 Resolved
Consumer Mobilinux 5.0.24 Resolved
Professional PRO 5.0.24 Resolved
MVL6 Kernel 2.6.27 Resolved
Professional PRO 5.0 Resolved
Professional PRO 5.0 Resolved
High kernel The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process. June 21, 2012, 18:06 pm
CVE-2012-0027
5.0 MV Product/Version
affected:
CGE 6.0 Resolved
Medium openssl The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service (daemon crash) via crafted data from a TLS client. January 5, 2012, 19:01 pm