CVE-2012-0314 (pocket_wifi, pocket_wifi_firmware)
(02/02/2012) Multiple cross-site request forgery (CSRF) vulnerabilities on the eAccess Pocket WiFi (aka GP02) router before 2.00 with firmware 11.203.11.05.168 and earlier allow remote attackers to hijack the authentication of administrators for requests that ...
CVE-2011-4791 (data_protector_media_operations)
(02/02/2012) DBServer.exe in HP Data Protector Media Operations 6.11 and earlier allows remote attackers to execute arbitrary code via a crafted request containing a large value in a length field.
CVE-2012-0448 (bugzilla)
(02/02/2012) Bugzilla 2.x and 3.x before 3.4.14, 3.5.x and 3.6.x before 3.6.8, 3.7.x and 4.0.x before 4.0.4, and 4.1.x and 4.2.x before 4.2rc2 does not reject non-ASCII characters in e-mail addresses of new user accounts, which makes it easier for remote ...
CVE-2012-0440 (bugzilla)
(02/02/2012) Cross-site request forgery (CSRF) vulnerability in jsonrpc.cgi in Bugzilla 3.5.x and 3.6.x before 3.6.8, 3.7.x and 4.0.x before 4.0.4, and 4.1.x and 4.2.x before 4.2rc2 allows remote attackers to hijack the authentication of arbitrary users for ...
CVE-2011-3463 (mac_os_x, mac_os_x_server)
(02/02/2012) WebDAV Sharing in Apple Mac OS X 10.7.x before 10.7.3 does not properly perform authentication, which allows local users to gain privileges by leveraging access to (1) the server or (2) a bound directory.
CVE-2011-3462 (mac_os_x, mac_os_x_server)
(02/02/2012) Time Machine in Apple Mac OS X before 10.7.3 does not verify the unique identifier of its remote AFP volume or Time Capsule, which allows remote attackers to obtain sensitive information contained in new backups by spoofing this storage object, a ...
CVE-2011-3460 (mac_os_x, mac_os_x_server)
(02/02/2012) Buffer overflow in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PNG file.
CVE-2011-3459 (mac_os_x, mac_os_x_server)
(02/02/2012) Off-by-one error in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted rdrf atom in a movie file that triggers a buffer overflow.
CVE-2011-3458 (mac_os_x, mac_os_x_server)
(02/02/2012) QuickTime in Apple Mac OS X before 10.7.3 does not prevent access to uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 file.
CVE-2011-3457 (mac_os_x, mac_os_x_server)
(02/02/2012) The OpenGL implementation in Apple Mac OS X before 10.7.3 does not properly perform OpenGL Shading Language (aka GLSL) compilation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and ...