Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-10-18 | CVE-2011-4060 | Link Following vulnerability in QNX Neutrino RTOS 6.5.0. The runtime linker in QNX Neutrino RTOS 6.5.0 before Service Pack 1 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environment variables when a program is spawned from a setuid program, which allows local users to overwrite files via a symlink attack. | 3.3 |
2011-10-16 | CVE-2010-4965 | Credentials Management vulnerability in D-Link DCS-2121 and DCS-2121 Firmware. /etc/rc.d/rc.local on the D-Link DCS-2121 camera with firmware 1.04 configures a hardcoded password of admin for the root account, which makes it easier for remote attackers to obtain shell access by leveraging a running telnetd server. | 9.0 |
2011-10-16 | CVE-2010-4964 | Code Injection vulnerability in D-Link DCS-2121 and DCS-2121 Firmware. recorder_test.cgi on the D-Link DCS-2121 camera with firmware 1.04 allows remote attackers to execute arbitrary commands via shell metacharacters in the Password field, related to a "semicolon injection" vulnerability. | 9.0 |
2011-10-14 | CVE-2011-3437 | Numeric Errors vulnerability in Apple Mac OS X and Mac OS X Server. Integer signedness error in Apple Type Services (ATS) in Apple Mac OS X 10.7 before 10.7.2 allows remote attackers to execute arbitrary code via a crafted embedded Type 1 font in a document. | 6.8 |
2011-10-14 | CVE-2011-3436 | Permissions, Privileges, and Access Controls vulnerability in Apple Mac OS X and Mac OS X Server. Open Directory in Apple Mac OS X 10.7 before 10.7.2 does not require a user to provide the current password before changing this password, which allows remote attackers to bypass intended password-change restrictions by leveraging an unattended workstation. | 6.5 |
2011-10-14 | CVE-2011-3435 | Credentials Management vulnerability in Apple Mac OS X and Mac OS X Server. Open Directory in Apple Mac OS X 10.7 before 10.7.2 allows local users to read the password data of arbitrary users via unspecified vectors. | 2.1 |
2011-10-14 | CVE-2011-3434 | Credentials Management vulnerability in Apple iPhone OS. The WiFi component in Apple iOS before 5 stores WiFi credentials in an unspecified file, which makes it easier for remote attackers to obtain sensitive information via a crafted application. | 4.3 |
2011-10-14 | CVE-2011-3432 | Resource Management Errors vulnerability in Apple iPhone OS. The UIKit Alerts component in Apple iOS before 5 allows remote attackers to cause a denial of service (device hang) via a long tel: URL that triggers a large size for the acceptance dialog. | 5.0 |
2011-10-14 | CVE-2011-3431 | Information Exposure vulnerability in Apple iPhone OS. The Home screen component in Apple iOS before 5 does not properly support a certain application-switching gesture, which might allow physically proximate attackers to obtain sensitive state information by watching the device's screen. | 2.1 |
2011-10-14 | CVE-2011-3430 | Unspecified vulnerability in Apple iPhone OS. The Settings component in Apple iOS before 5, when a configuration profile is used for a locale other than English, does not properly implement localization, which makes it easier for attackers to have an unspecified impact by leveraging incorrect configuration display. | 9.3 |