| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2011-5046 |
20 |
1
|
DoS Exec Code Mem. Corr. |
2011-12-30 |
2012-11-06 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The Graphics Device Interface (GDI) in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted data, as demonstrated by a large height attribute of an IFRAME element rendered by Safari, aka "GDI Access Violation Vulnerability." |
|
2 |
CVE-2011-5043 |
20 |
1
|
DoS Overflow |
2011-12-30 |
2012-01-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
TomatoSoft Free Mp3 Player 1.0 allows remote attackers to cause a denial of service (application crash) via a long string in an MP3 file, possibly a buffer overflow. |
|
3 |
CVE-2011-5037 |
20 |
|
DoS |
2011-12-29 |
2012-11-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Google V8 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, as demonstrated by attacks against Node.js. |
|
4 |
CVE-2011-5036 |
310 |
|
DoS |
2011-12-29 |
2013-02-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Rack before 1.1.3, 1.2.x before 1.2.5, and 1.3.x before 1.3.6 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. |
|
5 |
CVE-2011-5035 |
20 |
|
DoS |
2011-12-29 |
2013-02-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869. |
|
6 |
CVE-2011-5034 |
20 |
|
DoS |
2011-12-29 |
2012-11-06 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Apache Geronimo 2.2.1 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. NOTE: this might overlap CVE-2011-4461. |
|
7 |
CVE-2011-5033 |
119 |
1
|
DoS Overflow |
2011-12-29 |
2011-12-30 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in CFS.c in ConfigServer Security & Firewall (CSF) before 5.43, when running on a DirectAdmin server, allows local users to cause a denial of service (crash) via a long string in an admin.list file. |
|
8 |
CVE-2011-5032 |
|
|
DoS |
2011-12-29 |
2011-12-30 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
WMDrive.sys 3.4.181.224 in WinMount 3.5.1018 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted 0x87342000 IOCTL request to the WMDriver device. |
|
9 |
CVE-2011-5021 |
94 |
|
DoS Bypass |
2011-12-28 |
2011-12-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
PHPIDS before 0.7 does not properly implement Regular Expression Denial of Service (ReDoS) filters, which allows remote attackers to bypass rulesets and add PHP sequences to a file via unspecified vectors. |
|
10 |
CVE-2011-5009 |
|
|
DoS |
2011-12-24 |
2012-02-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The CmpWebServer.dll module in the Control service in 3S CoDeSys 3.4 SP4 Patch 2 allows remote attackers to cause a denial of service (NULL pointer dereference) via (1) a crafted Content-Length in an HTTP POST or (2) an invalid HTTP request method. |
|
11 |
CVE-2011-4885 |
20 |
2
|
DoS |
2011-12-29 |
2012-11-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. |
|
12 |
CVE-2011-4869 |
399 |
|
DoS |
2011-12-20 |
2012-11-06 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
validator/val_nsec3.c in Unbound before 1.4.13p2 does not properly perform proof processing for NSEC3-signed zones, which allows remote DNS servers to cause a denial of service (daemon crash) via a malformed response that lacks expected NSEC3 records, a different vulnerability than CVE-2011-4528. |
|
13 |
CVE-2011-4838 |
20 |
|
DoS |
2011-12-29 |
2013-04-04 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. |
|
14 |
CVE-2011-4815 |
20 |
|
DoS |
2011-12-29 |
2013-01-29 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. |
|
15 |
CVE-2011-4755 |
20 |
|
DoS |
2011-12-16 |
2012-01-31 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Parallels Plesk Small Business Panel 10.2.0 does not properly validate string data that is intended for storage in an XML document, which allows remote attackers to cause a denial of service (parsing error) or possibly have unspecified other impact via a crafted cookie, as demonstrated by cookies to client@1/domain@1/hosting/file-manager/ and certain other files. |
|
16 |
CVE-2011-4727 |
20 |
|
DoS |
2011-12-16 |
2012-02-16 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 does not properly validate string data that is intended for storage in an XML document, which allows remote attackers to cause a denial of service (parsing error) or possibly have unspecified other impact via a crafted REST URL parameter, as demonstrated by parameters to admin/ and certain other files. |
|
17 |
CVE-2011-4687 |
399 |
|
DoS |
2011-12-07 |
2012-03-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Opera before 11.60 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified content on a web page, as demonstrated by a page under the cisco.com home page. |
|
18 |
CVE-2011-4686 |
|
|
DoS |
2011-12-07 |
2012-03-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in the Web Workers implementation in Opera before 11.60 allows remote attackers to cause a denial of service (application crash) via unknown vectors. |
|
19 |
CVE-2011-4685 |
20 |
|
DoS |
2011-12-07 |
2012-03-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Dragonfly in Opera before 11.60 allows remote attackers to cause a denial of service (application crash) via unspecified content on a web page, as demonstrated by forbes.com. |
|
20 |
CVE-2011-4603 |
20 |
|
DoS |
2011-12-16 |
2012-11-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The silc_channel_message function in ops.c in the SILC protocol plugin in libpurple in Pidgin before 2.10.1 does not perform the expected UTF-8 validation on message data, which allows remote attackers to cause a denial of service (application crash) via a crafted message, a different vulnerability than CVE-2011-3594. |
|
21 |
CVE-2011-4602 |
20 |
|
DoS |
2011-12-16 |
2012-11-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not properly handle missing fields in (1) voice-chat and (2) video-chat stanzas, which allows remote attackers to cause a denial of service (application crash) via a crafted message. |
|
22 |
CVE-2011-4601 |
20 |
|
DoS |
2011-12-24 |
2012-11-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
family_feedbag.c in the oscar protocol plugin in libpurple in Pidgin before 2.10.1 does not perform the expected UTF-8 validation on message data, which allows remote attackers to cause a denial of service (application crash) via a crafted (1) AIM or (2) ICQ message associated with buddy-list addition. |
|
23 |
CVE-2011-4598 |
200 |
|
DoS +Info |
2011-12-14 |
2012-08-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The handle_request_info function in channels/chan_sip.c in Asterisk Open Source 1.6.2.x before 1.6.2.21 and 1.8.x before 1.8.7.2, when automon is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted sequence of SIP requests. |
|
24 |
CVE-2011-4566 |
189 |
|
DoS Overflow |
2011-11-28 |
2012-11-06 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in a JPEG file, a different vulnerability than CVE-2011-0708. |
|
25 |
CVE-2011-4555 |
255 |
|
DoS |
2011-12-06 |
2011-12-08 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
|
One Click Orgs before 1.2.3 does not require unique e-mail addresses for user accounts, which allows remote authenticated users to cause a denial of service (login disruption) or spoof votes or comments by selecting a conflicting e-mail address. |
|
26 |
CVE-2011-4539 |
20 |
|
DoS |
2011-12-08 |
2012-11-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet. |
|
27 |
CVE-2011-4537 |
119 |
|
DoS Exec Code Overflow |
2011-12-26 |
2011-12-27 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple buffer overflows in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) 9.0.0.11355 and earlier allow remote attackers to execute arbitrary code or cause a denial of service via a crafted packet to TCP port (1) 12397 or (2) 12399. |
|
28 |
CVE-2011-4528 |
399 |
|
DoS |
2011-12-20 |
2012-11-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Unbound before 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone, which allows remote DNS servers to cause a denial of service (daemon crash) via a crafted response. |
|
29 |
CVE-2011-4517 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2011-12-14 |
2012-11-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a crafted component registration (CRG) marker segment in a JPEG2000 file. |
|
30 |
CVE-2011-4516 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2011-12-14 |
2012-11-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker segment in a JPEG2000 file. |
|
31 |
CVE-2011-4462 |
20 |
|
DoS |
2011-12-29 |
2012-11-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Plone 4.1.3 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. |
|
32 |
CVE-2011-4461 |
310 |
|
DoS |
2011-12-29 |
2013-02-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. |
|
33 |
CVE-2011-4415 |
20 |
|
DoS |
2011-11-08 |
2012-07-03 |
1.2 |
None |
Local |
High |
Not required |
None |
None |
Partial |
|
The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL pointer dereference) via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, related to (1) the "len +=" statement and (2) the apr_pcalloc function call, a different vulnerability than CVE-2011-3607. |
|
34 |
CVE-2011-4369 |
|
|
DoS Exec Code Mem. Corr. |
2011-12-16 |
2013-01-29 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011. |
|
35 |
CVE-2011-4362 |
189 |
1
|
DoS |
2011-12-24 |
2012-11-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Integer signedness error in the base64_decode function in the HTTP authentication functionality (http_auth.c) in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service (segmentation fault) via crafted base64 input that triggers an out-of-bounds read with a negative index. |
|
36 |
CVE-2011-4357 |
134 |
|
DoS Exec Code |
2011-12-10 |
2011-12-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Format string vulnerability in the p_cgi_error function in python/neo_cgi.c in the Python CGI Kit (neo_cgi) module for Clearsilver 0.10.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers that are not properly handled when creating CGI error messages using the cgi_error API function. |
|
37 |
CVE-2011-4315 |
119 |
|
DoS Overflow |
2011-12-08 |
2012-06-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response. |
|
38 |
CVE-2011-4313 |
|
|
DoS |
2011-11-29 |
2012-11-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver. |
|
39 |
CVE-2011-4261 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2011-11-24 |
2012-03-08 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted video dimensions in an MP4 file. |
|
40 |
CVE-2011-4246 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2011-11-24 |
2011-11-24 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The AAC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
|
41 |
CVE-2011-4245 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2011-11-24 |
2012-03-08 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The RealVideo renderer in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
|
42 |
CVE-2011-4223 |
|
|
DoS Exec Code |
2011-11-01 |
2011-11-02 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in Investintech.com Absolute PDF Server allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. |
|
43 |
CVE-2011-4222 |
|
|
DoS Exec Code |
2011-11-01 |
2011-11-02 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in Investintech.com Able2Extract and Able2Extract Server allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document. |
|
44 |
CVE-2011-4221 |
|
|
DoS Exec Code |
2011-11-01 |
2011-11-02 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in Investintech.com Able2Doc and Able2Doc Professional allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document. |
|
45 |
CVE-2011-4220 |
264 |
|
DoS Exec Code |
2011-11-01 |
2012-03-07 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Investintech.com SlimPDF Reader does not properly restrict the arguments to unspecified function calls, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. |
|
46 |
CVE-2011-4219 |
399 |
|
DoS Exec Code |
2011-11-01 |
2011-11-02 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Investintech.com SlimPDF Reader does not prevent faulting-address data from affecting branch selection, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. |
|
47 |
CVE-2011-4218 |
399 |
|
DoS Exec Code |
2011-11-01 |
2011-11-02 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Investintech.com SlimPDF Reader does not prevent faulting-instruction data from affecting write operations, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. |
|
48 |
CVE-2011-4217 |
264 |
|
DoS Exec Code |
2011-11-01 |
2012-02-29 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Investintech.com SlimPDF Reader does not properly restrict read operations during block data moves, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. |
|
49 |
CVE-2011-4216 |
264 |
|
DoS Exec Code |
2011-11-01 |
2011-11-02 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Investintech.com SlimPDF Reader does not properly restrict write operations, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. |
|
50 |
CVE-2011-4191 |
119 |
|
DoS Exec Code Overflow |
2011-11-29 |
2011-11-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in the xdrDecodeString function in XNFS.NLM in Novell NetWare 6.5 SP8 allows remote attackers to execute arbitrary code or cause a denial of service (abend or NFS outage) via long packets. |
