Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
There are 227 matching records.
Displaying matches 61 through 80.
Vuln ID Summary CVSS Severity
CVE-2013-0776

Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 407 HTTP status code accompanied by web script, as demonstrated by a phishing attack on an HTTPS site.

Published: February 19, 2013; 6:55:01 PM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2013-0775

Use-after-free vulnerability in the nsImageLoadingContent::OnStopContainer function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via crafted web script.

Published: February 19, 2013; 6:55:01 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-0774

Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent JavaScript workers from reading the browser-profile directory name, which has unspecified impact and remote attack vectors.

Published: February 19, 2013; 6:55:01 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2013-0773

The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) implementations in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent modifications to a prototype, which allows remote attackers to obtain sensitive information from chrome objects or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.

Published: February 19, 2013; 6:55:01 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-0772

The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) via a crafted GIF image.

Published: February 19, 2013; 6:55:01 PM -0500
V3.x:(not available)
V2.0: 5.8 MEDIUM
CVE-2013-0765

Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 do not prevent multiple wrapping of WebIDL objects, which allows remote attackers to bypass intended access restrictions via unspecified vectors.

Published: February 19, 2013; 6:55:01 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-6075

Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet.

Published: February 12, 2013; 8:55:03 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-0170

Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering certain errors during an RPC connection, which causes a message to be freed without being removed from the message queue.

Published: February 08, 2013; 3:55:01 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2013-0420

Unspecified vulnerability in the VirtualBox component in Oracle Virtualization 4.0, 4.1, and 4.2 allows local users to affect integrity and availability via unknown vectors related to Core. NOTE: The previous information was obtained from the January 2013 Oracle CPU. Oracle has not commented on claims from another vendor that this issue is related to an incorrect comparison in the vga_draw_text function in Devices/Graphics/DevVGA.cpp, which can cause VirtualBox to "draw more lines than necessary."

Published: January 16, 2013; 8:55:06 PM -0500
V3.x:(not available)
V2.0: 2.4 LOW
CVE-2013-0837

Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of extension tabs.

Published: January 15, 2013; 4:55:02 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2013-0836

Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, does not properly implement garbage collection, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code.

Published: January 15, 2013; 4:55:02 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2013-0835

Unspecified vulnerability in the Geolocation implementation in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (application crash) via unknown vectors.

Published: January 15, 2013; 4:55:02 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2013-0834

Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving glyphs.

Published: January 15, 2013; 4:55:02 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2013-0833

Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to printing.

Published: January 15, 2013; 4:55:02 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2013-0832

Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to printing.

Published: January 15, 2013; 4:55:02 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2013-0831

Directory traversal vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to have an unspecified impact by leveraging access to an extension process.

Published: January 15, 2013; 4:55:01 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2013-0830

The IPC layer in Google Chrome before 24.0.1312.52 on Windows omits a NUL character required for termination of an unspecified data structure, which has unknown impact and attack vectors.

Published: January 15, 2013; 4:55:01 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2012-5154

Integer overflow in Google Chrome before 24.0.1312.52 on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to allocation of shared memory.

Published: January 15, 2013; 4:55:01 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2012-5153

Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to stack memory.

Published: January 15, 2013; 4:55:01 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2012-5152

Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving seek operations on video data.

Published: January 15, 2013; 4:55:01 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM