LiveActive security incident?Get immediate response
CVE archive

March 2012

Browse CVE records published in March 2012, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 433 matching CVEs · Page 2 of 9.

Unknown · CVSS Not scored

CVE-2012-1430: The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.1616...

The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \19\04\00\10 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

Published Mar 21, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2012-1441: The Microsoft EXE file parser in eSafe 7.0.17.0 and Prevx 3.0 allows remote attackers to bypass malware det...

The Microsoft EXE file parser in eSafe 7.0.17.0 and Prevx 3.0 allows remote attackers to bypass malware detection via an EXE file with a modified value in any of several e_ fields. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different EXE parser implementations.

Published Mar 21, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2012-0687: TIBCO ActiveMatrix Runtime Platform in Service Grid and Service Bus 2.x before 2.3.2 and BusinessWorks Serv...

TIBCO ActiveMatrix Runtime Platform in Service Grid and Service Bus 2.x before 2.3.2 and BusinessWorks Service Engine before 5.8.2; TIBCO ActiveMatrix Platform in TIBCO Silver Fabric ActiveMatrix Service Grid Distribution 3.1.3, Service Grid and Service Bus 3.x before 3.1.5, BusinessWorks Service Engine 5.9.x before 5.9.3, and BPM before 1.3.0; TIBCO BusinessEvents Runtime in Enterprise and Inference Editions 3.x before 3.0.3, Standard Edition 4.x before 4.0.2, and Standard Edition and Express 5.0.0; and TIBCO BusinessWorks Engine in TIBCO Silver Fabric ActiveMatrix BusinessWorks Distribution 5.9.2 and ActiveMatrix BusinessWorks before 5.9.3 allow remote attackers to obtain sensitive information via a crafted URL.

Published Mar 13, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2012-1438: The Microsoft Office file parser in Comodo Antivirus 7425 and Sophos Anti-Virus 4.61.0 allows remote attack...

The Microsoft Office file parser in Comodo Antivirus 7425 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via an Office file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Office parser implementations.

Published Mar 21, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2012-1440: The ELF file parser in Norman Antivirus 6.06.12, eSafe 7.0.17.0, CA eTrust Vet Antivirus 36.1.8511, Fortine...

The ELF file parser in Norman Antivirus 6.06.12, eSafe 7.0.17.0, CA eTrust Vet Antivirus 36.1.8511, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified identsize field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

Published Mar 21, 2012 · Updated Sep 16, 2024

High · CVSS 7.5

CVE-2012-10009: 404like Plugin 404Like.php checkPage sql injection

A vulnerability was found in 404like Plugin up to 1.0.2 on WordPress. It has been classified as critical. Affected is the function checkPage of the file 404Like.php. The manipulation of the argument searchWord leads to sql injection. It is possible to launch the attack remotely. Upgrading to version 1.0.2 is able to address this issue. The name of the patch is 2c4b589d27554910ab1fd104ddbec9331b540f7f. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-223404.

Published Mar 20, 2023 · Updated Aug 6, 2024

Unknown · CVSS Not scored

CVE-2012-6636: The Android API before 17 does not properly restrict the WebView.addJavascriptInterface method, which allow...

The Android API before 17 does not properly restrict the WebView.addJavascriptInterface method, which allows remote attackers to execute arbitrary methods of Java objects by using the Java Reflection API within crafted JavaScript code that is loaded into the WebView component in an application targeted to API level 16 or earlier, a related issue to CVE-2013-4710.

Published Mar 3, 2014 · Updated Aug 6, 2024