Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-07-08 | CVE-2011-2664 | Local Security vulnerability in Check Point Provider-1 Unspecified vulnerability in Check Point Multi-Domain Management / Provider-1 NGX R65, R70, R71, and R75, and SmartCenter during installation on non-Windows machines, allows local users on the MDS system to overwrite arbitrary files via unknown vectors. | 3.6 |
2011-07-08 | CVE-2011-2465 | Remote Denial of Service vulnerability in ISC BIND 9 RPZ Configurations Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon crash) via an unspecified query. | 2.6 |
2011-07-08 | CVE-2011-2464 | Packet Processing Remote Denial of Service vulnerability in ISC BIND 9 Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request. | 5.0 |
2011-07-07 | CVE-2011-2192 | Credentials Management vulnerability in multiple products The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests. | 4.3 |
2011-07-07 | CVE-2011-1946 | Permissions, Privileges, and Access Controls vulnerability in Hongli LAI Libgnomesu 1.0.0 gnomesu-pam-backend in libgnomesu 1.0.0 prints an error message but proceeds with the non-error code path upon failure of the setgid or setuid function, which allows local users to gain privileges by leveraging access to two unprivileged user accounts, and running many processes under one of these accounts. | 7.2 |
2011-07-07 | CVE-2011-1498 | Information Exposure vulnerability in Apache Httpclient 4.0/4.0.1/4.1 Apache HttpClient 4.x before 4.1.1 in Apache HttpComponents, when used with an authenticating proxy server, sends the Proxy-Authorization header to the origin server, which allows remote web servers to obtain sensitive information by logging this header. | 4.3 |
2011-07-07 | CVE-2011-1224 | Permissions, Privileges, and Access Controls vulnerability in IBM Websphere MQ IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 does not use the CRL Distribution Points (CDP) certificate extension, which might allow man-in-the-middle attackers to spoof an SSL partner via a revoked certificate for a (1) client, (2) queue manager, or (3) application. | 4.3 |
2011-07-07 | CVE-2011-2682 | Resource Management Errors vulnerability in IBM Rational Doors web Access The Login component in IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 allows remote authenticated users to cause a denial of service (license consumption) by trying to login to DOORS Web Access with a new user account that has never been used for a DOORS login. | 4.0 |
2011-07-07 | CVE-2011-2681 | Improper Input Validation vulnerability in IBM Rational Doors web Access IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 does not properly handle exceptions, which has unspecified impact and remote attack vectors. | 10.0 |
2011-07-07 | CVE-2011-2680 | Multiple Unspecified vulnerability in IBM Rational DOORS Unspecified vulnerability in IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 has unknown impact and remote attack vectors related to the "server error response." | 10.0 |