Vulnerabilities > Canonical > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-05-29 | CVE-2002-2443 | Improper Input Validation vulnerability in multiple products schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as demonstrated by krb_pingpong.nasl, a related issue to CVE-1999-0103. | 5.0 |
| 2013-05-21 | CVE-2007-6746 | Improper Input Validation vulnerability in Canonical Telepathy-Idle and Ubuntu Linux telepathy-idle before 0.1.15 does not verify (1) that the issuer is a trusted CA, (2) that the server hostname matches a domain name in the subject's Common Name (CN), or (3) the expiration date of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2013-05-16 | CVE-2013-1675 | Improper Initialization vulnerability in multiple products Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site. | 6.5 |
| 2013-05-13 | CVE-2013-2021 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file. | 4.3 |
| 2013-05-13 | CVE-2013-2020 | Numeric Errors vulnerability in multiple products Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read. | 5.0 |
| 2013-05-02 | CVE-2013-0306 | Numeric Errors vulnerability in multiple products The form library in Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 allows remote attackers to bypass intended resource limits for formsets and cause a denial of service (memory consumption) or trigger server errors via a modified max_num parameter. | 5.0 |
| 2013-05-02 | CVE-2013-0305 | Information Exposure vulnerability in multiple products The administrative interface for Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 does not check permissions for the history view, which allows remote authenticated administrators to obtain sensitive object history information. | 4.0 |
| 2013-04-29 | CVE-2013-1944 | Information Exposure vulnerability in multiple products The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL. | 5.0 |
| 2013-04-29 | CVE-2013-1927 | Security Bypass vulnerability in IcedTea-Web The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR." Per http://www.ubuntu.com/usn/USN-1804-1/ "A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.10 Ubuntu 12.04 LTS Ubuntu 11.10 Ubuntu 10.04 LTS" Per http://lists.opensuse.org/opensuse-updates/2013-04/msg00106.html "Affected Products: openSUSE 12.2" | 6.8 |
| 2013-04-29 | CVE-2013-1926 | Security Bypass vulnerability in IcedTea-Web The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the same class loader for applets with the same codebase path but from different domains, which allows remote attackers to obtain sensitive information or possibly alter other applets via a crafted applet. | 5.8 |