Vulnerabilities > Trevor Mckay

DATE CVE VULNERABILITY TITLE RISK
2012-09-28 CVE-2012-3459 Permissions, Privileges, and Access Controls vulnerability in multiple products
Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to modify Condor attributes and possibly gain privileges via crafted additional parameters in an HTTP POST request, which triggers a job attribute change request to Condor.
4.9
2012-09-28 CVE-2012-2685 Resource Management Errors vulnerability in multiple products
Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to cause a denial of service (memory consumption) via a large size in an image request.
network
low complexity
trevor-mckay redhat CWE-399
4.0
2012-09-28 CVE-2012-2684 SQL Injection vulnerability in multiple products
Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to execute arbitrary SQL commands via the (1) agent or (2) object id.
network
low complexity
trevor-mckay redhat CWE-89
7.5
2012-09-28 CVE-2012-2681 Cryptographic Issues vulnerability in multiple products
Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, uses predictable random numbers to generate session keys, which makes it easier for remote attackers to guess the session key.
5.8
2012-09-28 CVE-2012-2680 Permissions, Privileges, and Access Controls vulnerability in multiple products
Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, does not properly restrict access to resources, which allows remote attackers to obtain sensitive information via unspecified vectors related to (1) "web pages," (2) "export functionality," and (3) "image viewing."
network
low complexity
trevor-mckay redhat CWE-264
5.0