CVE-2016-2303
CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.
Source: CVE-2016-2303
[월:] 2016년 04월
CVE-2016-2302
CVE-2016-2302
Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive information by reading detailed error messages.
Source: CVE-2016-2302
CVE-2016-2301
CVE-2016-2301
SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Source: CVE-2016-2301
CVE-2016-2300
CVE-2016-2300
Ecava IntegraXor before 5.0 build 4522 allows remote attackers to bypass authentication and access unspecified web pages via unknown vectors.
Source: CVE-2016-2300
CVE-2016-2299
CVE-2016-2299
SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Source: CVE-2016-2299
CVE-2016-3977
CVE-2016-3977
Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib 5.1.2 allows remote attackers to cause a denial of service (application crash) via the background color index in a GIF file.
Source: CVE-2016-3977
CVE-2016-3190
CVE-2016-3190
The fill_xrgb32_lerp_opaque_spans function in cairo-image-compositor.c in cairo before 1.14.2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a negative span length.
Source: CVE-2016-3190
CVE-2013-7449
CVE-2013-7449
The ssl_do_connect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
Source: CVE-2013-7449
CVE-2016-3466
CVE-2016-3466
Unspecified vulnerability in the Oracle Field Service component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Wireless.
Source: CVE-2016-3466
CVE-2016-3465
CVE-2016-3465
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to ZFS.
Source: CVE-2016-3465