Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling. Date published : 2012-09-26 http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html https://code.google.com/p/chromium/issues/detail?id=137852
The extension system in Google Chrome before 22.0.1229.79 does not properly handle modal dialogs, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. Date published : 2012-09-26 http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html...
Buffer overflow in the SSE2 optimization functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Date published : 2012-09-26...
Multiple unspecified vulnerabilities in the PDF functionality in Google Chrome before 22.0.1229.79 allow remote attackers to have an unknown impact via a crafted document. Date published : 2012-09-26 http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html https://code.google.com/p/chromium/issues/detail?id=134955
Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability...
Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4 allows local users to cause a denial of service (daemon...
Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the term parameter to (1) autocomplete.php, (2) search/ajax/autosuggest.php, (3) livesuggest.php, or (4) save.php...
Cross-site scripting (XSS) vulnerability in oc-admin/ajax/ajax.php in OSClass before 2.3.5 allows remote attackers to inject arbitrary web script or HTML via the id parameter in an enable_category action to index.php. Date published : 2012-09-25...
Multiple SQL injection vulnerabilities in oc-admin/ajax/ajax.php in OSClass before 2.3.5 allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) edit_category_post or (2) enable_category action to index.php. Date published...
phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote attackers to execute arbitrary PHP code via...
Cross-site scripting (XSS) vulnerability in the management screen in myLittleTools myLittleAdmin for SQL Server 2000 allows remote attackers to inject arbitrary web script or HTML via vectors that trigger a crafted database entry. Date...
Unspecified vulnerability in McAfee Email Anti-virus (formerly WebShield SMTP) allows remote attackers to cause a denial of service via unknown vectors. Date published : 2012-09-25 http://jvn.jp/en/jp/JVN50701493/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2012-000086
Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 11.50 before 11.50.xC9W2 and 11.70 before 11.70.xC5 allows remote authenticated users to execute arbitrary code via crafted arguments in a SET COLLATION statement. Date published...
Directory traversal vulnerability in the UTL_FILE module in IBM DB2 and DB2 Connect 10.1 before FP1 on Windows allows remote authenticated users to modify, delete, or read arbitrary files via a pathname in the...