SUSE Studio OnSite 1.2

CPE Details

SUSE Studio OnSite 1.2
suse
studio_onsite
1.2
2014-04-17
11h27 +00:00
2014-04-21
21h47 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:suse:studio_onsite:1.2:*:*:*:*:*:*:*

Informations

Vendor

suse

Product

studio_onsite

Version

1.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2011-3180 2014-04-16 16h00 +00:00 kiwi before 4.98.08, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in the path of an overlay file, related to chown.
7.5
CVE-2011-4192 2014-04-16 16h00 +00:00 kiwi before 4.85.1, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands as demonstrated by "double quotes in kiwi_oemtitle of .profile."
7.5
CVE-2011-4193 2014-04-16 16h00 +00:00 Cross-site scripting (XSS) vulnerability in the overlay files tab in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted application, related to cloning.
4.3
CVE-2011-4195 2014-04-16 16h00 +00:00 kiwi before 4.98.05, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in an image name.
7.5
CVE-2011-4315 2011-12-08 19h00 +00:00 Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
6.8