Studio Onsite@1.2 Security Vulnerabilities and Issues — Studio Onsite@1.2 CVE List

Lucene search

SuseStudio Onsite1.2

5 matches found

CVE•added 2011/12/08 8:55 p.m.•92 views

CVE-2011-4315

Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.

6.8CVSS7.6AI score0.02811EPSS

CVE•added 2014/04/16 6:37 p.m.•38 views

CVE-2011-4195

kiwi before 4.98.05, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in an image name.

7.5CVSS7.8AI score0.01317EPSS

CVE•added 2014/04/16 6:37 p.m.•35 views

CVE-2011-4193

Cross-site scripting (XSS) vulnerability in the overlay files tab in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted application, related to cloning.

4.3CVSS5.8AI score0.00263EPSS

CVE•added 2014/04/16 6:37 p.m.•32 views

CVE-2011-3180

kiwi before 4.98.08, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in the path of an overlay file, related to chown.

7.5CVSS7.7AI score0.01486EPSS

CVE•added 2014/04/16 6:37 p.m.•31 views

CVE-2011-4192

kiwi before 4.85.1, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands as demonstrated by "double quotes in kiwi_oemtitle of .profile."

7.5CVSS7.7AI score0.00499EPSS