Vulnerabilities > Redhat > Enterprise Linux Server EUS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-12-11 | CVE-2013-5614 | Improper Restriction of Rendered UI Layers OR Frames vulnerability in multiple products Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site. | 4.3 |
| 2013-12-11 | CVE-2013-5612 | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header. | 4.3 |
| 2013-05-21 | CVE-2012-6137 | Credentials Management vulnerability in Redhat products rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a Certificate-based Red Hat Network, which allows remote man-in-the-middle attackers to obtain sensitive information such as user credentials. | 4.3 |
| 2013-04-17 | CVE-2013-1555 | Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and 5.5.29 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Partition. | 4.0 |
| 2012-07-18 | CVE-2012-0867 | Improper Input Validation vulnerability in multiple products PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof connections when the host name is exactly 32 characters. | 4.3 |
| 2012-06-05 | CVE-2012-1798 | Out-Of-Bounds Read vulnerability in Imagemagick The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image. | 4.3 |
| 2012-06-05 | CVE-2012-0260 | Resource Exhaustion vulnerability in Imagemagick The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers. | 4.3 |
| 2012-06-05 | CVE-2012-0248 | Infinite Loop vulnerability in Imagemagick ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF. | 4.3 |
| 2012-06-05 | CVE-2012-0247 | Improper Input Validation vulnerability in Imagemagick ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image. | 6.8 |
| 2012-05-03 | CVE-2012-1703 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1690. | 6.8 |