Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-05-03 | CVE-2011-0610 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader The CoolType library in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | 9.3 |
2011-05-03 | CVE-2011-1843 | Numeric Errors vulnerability in Banu Tinyproxy Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow remote attackers to bypass intended access restrictions in opportunistic circumstances via a TCP connection, related to improper handling of invalid port numbers. | 6.8 |
2011-05-03 | CVE-2011-1842 | Improper Input Validation vulnerability in Ubuntu Language-Selector dbus_backend/lsd.py in the D-Bus backend in language-selector before 0.6.7 does not validate the arguments to the (1) SetSystemDefaultLangEnv and (2) SetSystemDefaultLanguageEnv functions, which allows local users to gain privileges via shell metacharacters in a string argument, a different vulnerability than CVE-2011-0729. | 7.2 |
2011-05-03 | CVE-2011-1841 | Cross-Site Scripting vulnerability in Mojolicious Cross-site scripting (XSS) vulnerability in the link_to helper in Mojolicious before 1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2011-05-03 | CVE-2010-4803 | Improper Input Validation vulnerability in Mojolicious Mojolicious before 0.999927 does not properly implement HMAC-MD5 checksums, which has unspecified impact and remote attack vectors. | 10.0 |
2011-05-03 | CVE-2010-4802 | Improper Input Validation vulnerability in Mojolicious Commands.pm in Mojolicious before 0.999928 does not properly perform CGI environment detection, which has unspecified impact and remote attack vectors. | 10.0 |
2011-05-03 | CVE-2009-5074 | Unspecified vulnerability in Mojolicious Unspecified vulnerability in the MojoX::Dispatcher::Static implementation in Mojolicious before 0.991250 has unknown impact and attack vectors. | 10.0 |
2011-04-29 | CVE-2011-1592 | Numeric Errors vulnerability in Wireshark The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an incorrect integer data type during decoding of SETCLIENTID calls, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file. | 4.3 |
2011-04-29 | CVE-2011-1591 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file. | 9.3 |
2011-04-29 | CVE-2011-1589 | Path Traversal vulnerability in Mojolicious Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to read arbitrary files via a %2f..%2f (encoded slash dot dot slash) in a URI. | 5.0 |