CVE-2012-3982
- EPSS 4.73%
- Veröffentlicht 10.10.2012 17:55:01
- Zuletzt bearbeitet 16.06.2026 23:44:11
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to cause a denial...
CVE-2012-3986
- EPSS 2.51%
- Veröffentlicht 10.10.2012 17:55:01
- Zuletzt bearbeitet 16.06.2026 23:44:12
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict calls to DOMWindowUtils (aka nsDOMWindowUtils) methods, which allows remote a...
CVE-2012-3990
- EPSS 5.2%
- Veröffentlicht 10.10.2012 17:55:01
- Zuletzt bearbeitet 16.06.2026 23:44:13
Use-after-free vulnerability in the IME State Manager implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to exe...
CVE-2012-3489
- EPSS 3.06%
- Veröffentlicht 03.10.2012 21:55:00
- Zuletzt bearbeitet 16.06.2026 23:43:19
The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or U...
CVE-2012-1183
- EPSS 3.73%
- Veröffentlicht 18.09.2012 18:55:04
- Zuletzt bearbeitet 16.06.2026 23:39:12
Stack-based buffer overflow in the milliwatt_generate function in the Miliwatt application in Asterisk 1.4.x before 1.4.44, 1.6.x before 1.6.2.23, 1.8.x before 1.8.10.1, and 10.x before 10.2.1, when the o option is used and the internal_timing option...
CVE-2012-4929
- EPSS 4.27%
- Veröffentlicht 15.09.2012 18:55:03
- Zuletzt bearbeitet 16.06.2026 23:45:55
The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plain...
CVE-2012-3955
- EPSS 21.65%
- Veröffentlicht 14.09.2012 10:33:21
- Zuletzt bearbeitet 16.06.2026 23:44:07
ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later red...
CVE-2012-4388
- EPSS 4.23%
- Veröffentlicht 07.09.2012 22:55:02
- Zuletzt bearbeitet 16.06.2026 23:44:55
The sapi_header_op function in main/SAPI.c in PHP 5.4.0RC2 through 5.4.0 does not properly determine a pointer during checks for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protec...
- EPSS 3.6%
- Veröffentlicht 05.09.2012 23:55:01
- Zuletzt bearbeitet 16.06.2026 23:43:22
Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service (crash) via vectors relate...
CVE-2012-3527
- EPSS 2.12%
- Veröffentlicht 05.09.2012 23:55:01
- Zuletzt bearbeitet 16.06.2026 23:43:24
view_help.php in the backend help system in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to unserialize arbitrary objects and possibly execute arbitrary PHP code via an unspecified pa...