LiveActive security incident?Get immediate response
CVE archive

June 2013

Browse CVE records published in June 2013, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 413 matching CVEs · Page 2 of 9.

Unknown · CVSS Not scored

CVE-2013-2316: The Yahoo!

The Yahoo! Browser application 1.4.4 and earlier for Android allows remote attackers to spoof the address bar via vectors related to URL display, a different vulnerability than CVE-2013-2307.

Published Jun 3, 2013 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2013-3382: The Next-Generation Firewall (aka NGFW, formerly CX Context-Aware Security) module 9.x before 9.1.1.9 and 9...

The Next-Generation Firewall (aka NGFW, formerly CX Context-Aware Security) module 9.x before 9.1.1.9 and 9.1.2.x before 9.1.2.12 for Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (device reload or traffic-processing outage) via fragmented (1) IPv4 or (2) IPv6 traffic, aka Bug ID CSCue88387.

Published Jun 26, 2013 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2013-4669: FortiClient before 4.3.5.472 on Windows, before 4.0.3.134 on Mac OS X, and before 4.0 on Android; FortiClie...

FortiClient before 4.3.5.472 on Windows, before 4.0.3.134 on Mac OS X, and before 4.0 on Android; FortiClient Lite before 4.3.4.461 on Windows; FortiClient Lite 2.0 through 2.0.0223 on Android; and FortiClient SSL VPN before 4.0.2258 on Linux proceed with an SSL session after determining that the server's X.509 certificate is invalid, which allows man-in-the-middle attackers to obtain sensitive information by leveraging a password transmission that occurs before the user warning about the certificate problem.

Published Jun 25, 2013 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2013-2339: HP Smart Zero Core 4.3 and 4.3.1 on the t410 All-in-One Smart Zero Client, t410 Smart Zero Client, t510 Fle...

HP Smart Zero Core 4.3 and 4.3.1 on the t410 All-in-One Smart Zero Client, t410 Smart Zero Client, t510 Flexible Thin Client, t5565z Smart Client, t610 Flexible Thin Client, and t610 PLUS Flexible Thin Client allows local users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.

Published Jun 29, 2013 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2013-3949: The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not prevent use of the _POSIX_S...

The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not prevent use of the _POSIX_SPAWN_DISABLE_ASLR and _POSIX_SPAWN_ALLOW_DATA_EXEC flags for setuid and setgid programs, which allows local users to bypass intended access restrictions via a wrapper program that calls the posix_spawnattr_setflags function.

Published Jun 5, 2013 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2013-3386: The IronPort Spam Quarantine (ISQ) component in the web framework in IronPort AsyncOS on Cisco Email Securi...

The IronPort Spam Quarantine (ISQ) component in the web framework in IronPort AsyncOS on Cisco Email Security Appliance devices before 7.1.5-106 and 7.3, 7.5, and 7.6 before 7.6.3-019 and Content Security Management Appliance devices before 7.9.1-102 and 8.0 before 8.0.0-404 allows remote attackers to cause a denial of service (service crash or hang) via a high rate of TCP connection attempts, aka Bug IDs CSCzv25573 and CSCzv81712.

Published Jun 27, 2013 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2013-3959: The Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and oth...

The Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, exhibits different behavior for NetBIOS user names depending on whether the user account exists, which allows remote authenticated users to enumerate account names via crafted URL parameters.

Published Jun 14, 2013 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2013-3642: The Angel Browser application 1.47b and earlier for Android 1.6 through 2.1, 1.62b and earlier for Android...

The Angel Browser application 1.47b and earlier for Android 1.6 through 2.1, 1.62b and earlier for Android 2.2 through 2.3.4, 1.68b and earlier for Android 3.0 through 4.0.3, and 1.76b and earlier for Android 4.1 through 4.2 does not properly implement the WebView class, which allows attackers to obtain sensitive information via a crafted application.

Published Jun 17, 2013 · Updated Sep 16, 2024