The Android browser in Android before 2.3.4 allows remote attackers to obtain SD card contents via crafted content:// URIs, related to (1) BrowserActivity.java and (2) BrowserSettings.java in com/android/browser/. Date published : 2011-06-09 http://www.securityfocus.com/bid/48256 http://android.git.kernel.org/?p=platform/frameworks/base.git;a=commit;h=f440831d76817e837164ca18c7705e81d2391f87
Format string vulnerability in ECTrace.dll in the iMailGateway service in the Internet Mail Gateway in OneBridge Server and DMZ Proxy in Sybase OneBridge Mobile Data Suite 5.5 and 5.6 allows remote attackers to execute...
Directory traversal vulnerability in the HTTP Server in Sybase EAServer 6.3.1 Developer Edition allows remote attackers to read arbitrary files via a /…/../ sequence in a path. Date published : 2011-06-09 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=912
The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to create or overwrite arbitrary files via a crafted –session-dir argument in conjunction with a symlink attack on the opd_pipe...
Directory traversal vulnerability in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to overwrite arbitrary files via a .. (dot dot) in the –save argument, related to the –session-dir argument, a different...
utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to gain privileges via shell metacharacters in the (1) –vmlinux, (2) –session-dir, or (3) –xen argument, related to the daemonrc file and the do_save_setup...
The DOM implementation in Google Chrome before 12.0.742.91 allows remote attackers to bypass the Same Origin Policy via unspecified vectors. Date published : 2011-06-09 http://www.securityfocus.com/bid/48129 http://code.google.com/p/chromium/issues/detail?id=83743
Google V8, as used in Google Chrome before 12.0.742.91, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. Date published : 2011-06-09 http://www.securityfocus.com/bid/48129 http://code.google.com/p/chromium/issues/detail?id=83275
The vold volume manager daemon on Android 3.0 and 2.x before 2.3.4 trusts messages that are received from a PF_NETLINK socket, which allows local users to execute arbitrary code and gain root privileges via...
Google Chrome before 12.0.742.91 allows remote attackers to perform unspecified injection into a chrome:// page via vectors related to extensions. Date published : 2011-06-09 http://www.securityfocus.com/bid/48129 http://code.google.com/p/chromium/issues/detail?id=83010
Use-after-free vulnerability in the image loader in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Date published : 2011-06-09 http://www.securityfocus.com/bid/48129...
Google Chrome before 12.0.742.91 does not properly implement history deletion, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. Date published :...
Use-after-free vulnerability in the developer tools in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Date published : 2011-06-09 http://www.securityfocus.com/bid/48129...
Google Chrome before 12.0.742.91 allows remote attackers to inject script into a tab page via vectors related to extensions. Date published : 2011-06-09 http://www.securityfocus.com/bid/48129 http://code.google.com/p/chromium/issues/detail?id=79862