68 matches found
CVE-2015-3397
The CVE-2015-3397 issue affects the Yii Framework prior to 2.0.4, where an XSS flaw could be exploited by remote attackers via JSON/arrays, particularly affecting Internet Explorer 6/7. The vulnerability arises in how JSON data is handled when rendered, allowing injection of arbitrary web script ...
Cisco TelePresence MCU Software Memory Exhaustion
According to the self-reported version, returned by either the SNMP or FTP service running on the remote device, the Cisco TelePresence MCU software is affected by a vulnerability that can allow a remote, unauthenticated attacker to cause a denial of service via memory exhaustion. C Tenable Netwo...
CVE-2014-3397
The CVE-2014-3397 affects Cisco TelePresence MCU Software prior to 4.3(2.30). The vulnerability is a memory exhaustion DoS caused by processing crafted TCP packets in the device’s network stack, enabling an unauthenticated remote attacker to exhaust memory and potentially disrupt or reload the sy...
CVE-2013-3397
Cisco CUCM Unified Serviceability CSRF vulnerability (CVE-2013-3397) arises from insufficient CSRF protections in the Unified Serviceability component. Remote attackers could hijack the authentication of arbitrary users to perform actions in the Unified Serviceability pages, potentially with the ...
CVE-2013-3397
Cross-site request forgery CSRF vulnerability in the Unified Serviceability component in Cisco Unified Communications Manager CUCM allows remote attackers to hijack the authentication of arbitrary users for requests that perform Unified Serviceability actions, aka Bug ID CSCuh10298...
Fedora Update for moodle FEDORA-2012-11039
Check for the Version of moodle OpenVAS Vulnerability Test Fedora Update for moodle FEDORA-2012-11039 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Fedora Update for moodle FEDORA-2012-11039
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for moodle FEDORA-2012-11028
Check for the Version of moodle OpenVAS Vulnerability Test Fedora Update for moodle FEDORA-2012-11028 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Fedora Update for moodle FEDORA-2012-11028
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 16 : moodle-2.0.10-1.fc16 (2012-11028)
Latest upstreams to address security issues. CVE-2012-3387 CVE-2012-3388 CVE-2012-3389 CVE-2012-3390 CVE-2012-3391 CVE-2012-3392 CVE-2012-3393 CVE-2012-3394 CVE-2012-3395 CVE-2012-3396 CVE-2012-3397 CVE-2012-3398 Note that Tenable Network Security has extracted the preceding description block...
Fedora 17 : moodle-2.2.4-1.fc17 (2012-11039)
Latest upstreams to address security issues. CVE-2012-3387 CVE-2012-3388 CVE-2012-3389 CVE-2012-3390 CVE-2012-3391 CVE-2012-3392 CVE-2012-3393 CVE-2012-3394 CVE-2012-3395 CVE-2012-3396 CVE-2012-3397 CVE-2012-3398 Note that Tenable Network Security has extracted the preceding description block...
CVE-2012-3397
The CVE-2012-3397 issue affects Moodle versions 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2.4, and 2.3.x before 2.3.1. It arises because lib/modinfolib.php does not verify group-membership when deciding if an activity is unavailable or hidden. This allows remote authenticated users ...
CVE-2011-3397
This CVE affects the Microsoft Windows Time component (DATIME.DLL) on Windows XP SP2/SP3 and Windows Server 2003 SP2. The vulnerability allows remote code execution via a crafted web page that leverages an unspecified binary behavior in Internet Explorer. The issue is documented as CVE-2011-3397 ...
CVE-2011-3397
The Microsoft Time component in DATIME.DLL in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted web site that leverages an unspecified "binary behavior" in Internet Explorer, aka "Microsoft Time Remote Code Execution Vulnerability...
Microsoft Windows Time Component Remote Code Execution Vulnerability (2618451)
This host is missing a critical security update according to Microsoft Bulletin MS11-090. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Time Remote Code Execution (MS11-090; CVE-2011-3397)
A remote code execution vulnerability has been reported in the Microsoft Time component. The vulnerability is caused due to binary behavior in Internet Explorer that results in system corruption. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafte...
MS11-090: Cumulative Security Update of ActiveX Kill Bits (2618451)
The remote Windows host has one or more ActiveX controls installed that could be abused to execute arbitrary code remotely if a user can be tricked into viewing a malicious web page using Internet Explorer. Three of these controls are from Microsoft itself while the others are from third-party...
CVE-2010-3397
CVE-2010-3397 affects Symantec PGP Desktop (versions including 9.9.0 build 397, 9.10.x, 10.0.0 build 2732 and likely others). Root cause is an untrusted search path vulnerability allowing DLL hijacking via tsp.dll or tvttsp.dll located in the same folder as credential/key files (.p12, .pem, .pgp,...
KLA10288 ACE vulnerability in PGP Desktop
An untrusted path vulnerability was found in PGP Desktop. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited locally via a DLL hijack. Original advisories - Related products PGP-Desktop CVE list CVE-2010-3397 critical Solution Update t...
CVE-2009-3397
CVE-2009-3397 affects Oracle E-Business Suite (Oracle Application Object Library) in versions 12.0.6 and 12.1.1. The description notes an unspecified remote vulnerability impacting confidentiality via unknown vectors. The OCT 2009 Critical Patch Update fixes multiple vulnerabilities across Oracle...