CVE-2014-5470

Actual Analyzer through 2014-08-29 allows code execution via shell metacharacters because untrusted input is used for part of the input data passed to an eval operation...

CVE-2014-5470

Actual Analyzer through 2014-08-29 allows code execution via shell metacharacters because untrusted input is used for part of the input data passed to an eval operation...

PT-2024-10557 · Unknown · Actual Analyzer

Name of the Vulnerable Software and Affected Versions: Actual Analyzer versions prior to 2014-08-29 Description: The issue allows code execution via shell metacharacters because untrusted input is used for part of the input data passed to an eval operation. Recommendations: For versions prior to...

CVE-2014-5470

Actual Analyzer through 2014-08-29 allows code execution via shell metacharacters because untrusted input is used for part of the input data passed to an eval operation...

CVE-2014-5470

Actual Analyzer through 2014-08-29 allows code execution via shell metacharacters because untrusted input is used for part of the input data passed to an eval operation...

CVE-2014-5470

CVE-2014-5470 affects Actual Analyzer (versions prior to 2014-08-29). The vulnerability arises from untrusted input being passed to an eval operation, enabling code execution via shell metacharacters in the input data. Connected sources show concrete details: the flaw exists in Actual Analyzer’s ...

SUSE CVE-2012-3980

The web console in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that injects this code and...

Code injection

The web console in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that injects this code and...