CVE-2012-1147
- EPSS 2.57%
- Veröffentlicht 03.07.2012 19:55:02
- Zuletzt bearbeitet 16.06.2026 23:39:07
readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files.
- EPSS 3.57%
- Veröffentlicht 03.07.2012 19:55:02
- Zuletzt bearbeitet 16.06.2026 23:39:07
Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation...
CVE-2012-1823
- EPSS 100%
- Veröffentlicht 11.05.2012 10:15:48
- Zuletzt bearbeitet 16.06.2026 23:40:22
sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by ...
CVE-2012-0657
- EPSS 0.37%
- Veröffentlicht 11.05.2012 03:49:59
- Zuletzt bearbeitet 16.06.2026 23:38:01
Quartz Composer in Apple Mac OS X before 10.7.4, when the RSS Visualizer screensaver is enabled, allows physically proximate attackers to bypass screen locking and launch a Safari process via unspecified vectors.
CVE-2012-0658
- EPSS 3.59%
- Veröffentlicht 11.05.2012 03:49:59
- Zuletzt bearbeitet 16.06.2026 23:38:01
Buffer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio sample tables in a movie file that is progressively downloaded.
CVE-2012-0659
- EPSS 3.16%
- Veröffentlicht 11.05.2012 03:49:59
- Zuletzt bearbeitet 16.06.2026 23:38:01
Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file.
CVE-2012-0660
- EPSS 3.14%
- Veröffentlicht 11.05.2012 03:49:59
- Zuletzt bearbeitet 16.06.2026 23:38:01
Buffer underflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file.
CVE-2012-0661
- EPSS 3.16%
- Veröffentlicht 11.05.2012 03:49:59
- Zuletzt bearbeitet 16.06.2026 23:38:01
Use-after-free vulnerability in QuickTime in Apple Mac OS X 10.7.x before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with JPEG2000 encoding.
CVE-2012-0662
- EPSS 3.23%
- Veröffentlicht 11.05.2012 03:49:59
- Zuletzt bearbeitet 16.06.2026 23:38:01
Integer overflow in the Security Framework in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted input.
CVE-2012-0675
- EPSS 1.79%
- Veröffentlicht 11.05.2012 03:49:59
- Zuletzt bearbeitet 16.06.2026 23:38:03
Time Machine in Apple Mac OS X before 10.7.4 does not require continued use of SRP-based authentication after this authentication method is first used, which allows remote attackers to read Time Capsule credentials by spoofing the backup volume.