Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-3052 1 Cisco 1 Vpn Client 2025-04-11 N/A
Untrusted search path vulnerability in Cisco VPN Client 5.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka Bug ID CSCua28747.
CVE-2012-3073 1 Cisco 15 Telepresence Manager, Telepresence Multipoint Switch, Telepresence Multipoint Switch Software and 12 more 2025-04-11 N/A
The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to cause a denial of service (networking outage or process crash) via (1) malformed IP packets, (2) a high rate of TCP connection requests, or (3) a high rate of TCP connection terminations, aka Bug IDs CSCti21830, CSCti21851, CSCtj19100, CSCtj19086, CSCtj19078, CSCty11219, CSCty11299, CSCty11323, and CSCty11338.
CVE-2012-3096 1 Cisco 1 Unity Connection 2025-04-11 N/A
Cisco Unity Connection (UC) 7.1, 8.0, and 8.5 allows remote authenticated users to cause a denial of service (resource consumption and administration outage) via extended use of the product, aka Bug ID CSCtd79132.
CVE-2012-3693 1 Apple 1 Safari 2025-04-11 N/A
Incomplete blacklist vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, by leveraging the availability of IDN support and Unicode fonts to construct unspecified homoglyphs.
CVE-2012-3730 1 Apple 1 Iphone Os 2025-04-11 N/A
Mail in Apple iOS before 6 does not properly handle reuse of Content-ID header values, which allows remote attackers to spoof attachments via a header value that was also used in a previous e-mail message, as demonstrated by a message from a different sender.
CVE-2012-3731 1 Apple 1 Iphone Os 2025-04-11 N/A
Mail in Apple iOS before 6 does not properly implement the Data Protection feature for e-mail attachments, which allows physically proximate attackers to bypass an intended passcode requirement via unspecified vectors.
CVE-2012-3744 1 Apple 1 Iphone Os 2025-04-11 N/A
Telephony in Apple iOS before 6 uses an SMS message's return address as the displayed sender address, which allows remote attackers to spoof text communication via a message in which the return address does not match the originating address.
CVE-2012-3811 1 Avaya 1 Ip Office Customer Call Reporter 2025-04-11 N/A
Unrestricted file upload vulnerability in ImageUpload.ashx in the Wallboard application in Avaya IP Office Customer Call Reporter 7.0 before 7.0.5.8 Q1 2012 Maintenance Release and 8.0 before 8.0.9.13 Q1 2012 Maintenance Release allows remote attackers to execute arbitrary code by uploading an executable file and then accessing it via a direct request.
CVE-2012-3841 1 Kmplayer 1 Kmplayer 2025-04-11 N/A
Untrusted search path vulnerability in KMPlayer 3.2.0.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse ehtrace.dll that is located in the current working directory.
CVE-2012-3893 1 Cisco 1 Ios 2025-04-11 N/A
The FlexVPN implementation in Cisco IOS 15.2 and 15.3 allows remote authenticated users to cause a denial of service (spoke crash) via spoke-to-spoke traffic, aka Bug ID CSCtz02622.
CVE-2012-3895 1 Cisco 1 Ios 2025-04-11 N/A
Cisco IOS 15.0 through 15.3 allows remote authenticated users to cause a denial of service (device crash) via an MVPNv6 update, aka Bug ID CSCty89224.
CVE-2012-3924 1 Cisco 1 Ios 2025-04-11 N/A
The SSLVPN implementation in Cisco IOS 15.1 and 15.2, when DTLS is enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface, aka Bug ID CSCty97961.
CVE-2012-3962 2 Mozilla, Redhat 5 Firefox, Seamonkey, Thunderbird and 2 more 2025-04-11 N/A
Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly iterate through the characters in a text run, which allows remote attackers to execute arbitrary code via a crafted document.
CVE-2012-3984 3 Canonical, Mozilla, Suse 6 Ubuntu Linux, Firefox, Seamonkey and 3 more 2025-04-11 N/A
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has a SELECT element's menu active, which allows remote attackers to spoof page content via vectors involving absolute positioning and scrolling.
CVE-2012-4564 5 Canonical, Debian, Libtiff and 2 more 9 Ubuntu Linux, Debian Linux, Libtiff and 6 more 2025-04-11 N/A
ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow.
CVE-2012-4592 1 Mcafee 1 Enterprise Mobility Manager 2025-04-11 N/A
The Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 does not set the secure flag for the ASP.NET session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
CVE-2012-4589 1 Mcafee 1 Enterprise Mobility Manager 2025-04-11 N/A
Login.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.
CVE-2012-4754 1 Mindjet 1 Mindmanager 2012 2025-04-11 N/A
Multiple untrusted search path vulnerabilities in MindManager 2012 10.0.493 allow local users to gain privileges via a Trojan horse (1) ssgp.dll or (2) dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .mmap file. NOTE: some of these details are obtained from third party information.
CVE-2012-4755 1 Scitools 1 Understand 2025-04-11 N/A
Untrusted search path vulnerability in SciTools Understand before 2.6 build 600 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .udb file. NOTE: some of these details are obtained from third party information.
CVE-2012-4756 1 Cyberlink 1 Labelprint 2025-04-11 N/A
Multiple untrusted search path vulnerabilities in CyberLink LabelPrint 2.5.3602 allow local users to gain privileges via a Trojan horse (1) mfc71loc.dll or (2) mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .lpp file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.