Vulnerabilities

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ACCESS | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2011-05-13 | CVE-2011-1851 | Buffer Errors vulnerability in HP Intelligent Management Center 5.0 | Stack-based buffer overflow in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long mode field. | network | low | hp | CWE-119 | critical 10.0 |
| 2011-05-13 | CVE-2011-1850 | Buffer Errors vulnerability in HP Intelligent Management Center 5.0 | Stack-based buffer overflow in the logging functionality in dbman.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via vectors related to a received action. | network | low | hp | CWE-119 | critical 10.0 |
| 2011-05-13 | CVE-2011-1849 | Improper Input Validation vulnerability in HP Intelligent Management Center 5.0 | tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to create or overwrite files, and subsequently execute arbitrary code, via a crafted WRQ request. | network | low | hp | CWE-20 | critical 10.0 |
| 2011-05-13 | CVE-2011-1848 | Buffer Errors vulnerability in HP Intelligent Management Center 5.0 | Stack-based buffer overflow in img.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a crafted length field in a packet. | network | low | hp | CWE-119 | critical 10.0 |
| 2011-05-13 | CVE-2011-1840 | Cryptographic Issues vulnerability in Martinicreations Passmanlite Password Manager | The MartiniCreations PassmanLite Password Manager application before 1.48 for Android stores the master password and unspecified other account information in cleartext, which allows local users to obtain sensitive information by leveraging shell access. | local | low | martinicreations, google | CWE-310 | 2.1 |
| 2011-05-13 | CVE-2011-1772 | Cross-Site Scripting vulnerability in multiple products | Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache Struts 2.x before 2.2.3, and OpenSymphony XWork in OpenSymphony WebWork, allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) an action name, (2) the action attribute of an s:submit element, or (3) the method attribute of an s:submit element. | network | high | apache, opensymphony | CWE-79 | 2.6 |
| 2011-05-13 | CVE-2011-1738 | Permissions, Privileges, and Access Controls vulnerability in HP Palm Webos 1.4.5/1.4.5.1 | HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in Development Kit (PDK) applications, which allows local users to gain privileges by leveraging unintended filesystem write access. | local | low | hp | CWE-264 | 7.2 |
| 2011-05-13 | CVE-2011-1737 | Cross-Site Scripting vulnerability in HP Palm Webos 1.4.5/1.4.5.1 | Multiple cross-site scripting (XSS) vulnerabilities in the Email application in HP Palm webOS 1.4.5 and 1.4.5.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | network | | hp | CWE-79 | 4.3 |
| 2011-05-13 | CVE-2011-1325 | Cross-Site Request Forgery (CSRF) vulnerability in Lockon Ec-Cube | Cross-site request forgery (CSRF) vulnerability in EC-CUBE before 2.11.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | network | | lockon | CWE-352 | 5.8 |
| 2011-05-13 | CVE-2011-1270 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Powerpoint 2002/2003 | Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "Presentation Buffer Overrun RCE Vulnerability." | network | | microsoft | CWE-119 | critical 9.3 |