Debian Linux@5.0 Security Vulnerabilities and Issues — Debian Linux@5.0 CVE List

Lucene search

DebianDebian Linux5.0

8 matches found

CVE•added 2012/01/28 4:5 a.m.•1149 views

CVE-2012-0053

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in co...

4.3CVSS6.2AI score0.76477EPSS

CVE•added 2012/01/18 8:55 p.m.•790 views

CVE-2012-0031

scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free...

4.6CVSS7AI score0.01617EPSS

CVE•added 2012/02/01 4:55 p.m.•178 views

CVE-2012-0444

Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute...

10CVSS8.9AI score0.02228EPSS

CVE•added 2012/02/01 4:55 p.m.•84 views

CVE-2012-0442

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute ...

9.3CVSS10AI score0.01441EPSS

CVE•added 2012/02/01 4:55 p.m.•73 views

CVE-2012-0449

Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedde...

9.3CVSS9.9AI score0.10935EPSS

CVE•added 2012/01/07 11:55 a.m.•69 views

CVE-2011-3919

Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

7.5CVSS8.5AI score0.0248EPSS

CVE•added 2012/01/08 11:55 a.m.•57 views

CVE-2011-4360

MediaWiki before 1.17.1 allows remote attackers to obtain the page titles of all restricted pages via a series of requests involving the (1) curid or (2) oldid parameter.

5CVSS6.4AI score0.00587EPSS

CVE•added 2012/01/08 11:55 a.m.•49 views

CVE-2011-4361

MediaWiki before 1.17.1 does not check for read permission before handling action=ajax requests, which allows remote attackers to obtain sensitive information by (1) leveraging the SpecialUpload::ajaxGetExistsWarning function, or by (2) leveraging an extension, as demonstrated by the CategoryTree, ...

5CVSS6.1AI score0.00231EPSS