CVSS: 5.0EPSS: 0%CPEs: 122EXPL: 0CVE-2012-5155
https://notcve.org/view.php?id=CVE-2012-5155
Google Chrome before 24.0.1312.52 on Mac OS X does not use an appropriate sandboxing approach for worker processes, which makes it easier for remote attackers to bypass intended access restrictions via unspecified vectors. Google Chrome anterior a v24.0.1312.52 en Mac OS X no utiliza de forma apropiada el sandbox, haciendo fácil para usuarios remotos eludir las restricciones de acceso mediante vectores no especificados. • http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html https://code.google.com/p/chromium/issues/detail?id=163208 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2012-5675
https://notcve.org/view.php?id=CVE-2012-5675
Adobe ColdFusion 9.0 through 9.0.2, and 10, allows local users to bypass intended shared-hosting sandbox permissions via unspecified vectors. • http://www.adobe.com/support/security/bulletins/apsb12-26.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4934
https://notcve.org/view.php?id=CVE-2012-4934
TomatoCart 1.1.7, when the PayPal Express Checkout module is enabled in sandbox mode, allows remote authenticated users to bypass intended payment requirements by modifying a certain redirection URL. TomatoCart v1.1.7, cuando el módulo PayPal Express Checkout está activado en modo de ejecución controlada (sandbox), permite a usuarios remotos autenticados a evitar los requisitos de pago establecidos, modificando cierta redirección URL. • http://osvdb.org/86883 http://www.kb.cert.org/vuls/id/207540 http://www.securityfocus.com/bid/56333 https://exchange.xforce.ibmcloud.com/vulnerabilities/79696 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 96%CPEs: 9EXPL: 2CVE-2012-5076 – Oracle Java SE Sandbox Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2012-5076
An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. • https://www.exploit-db.com/exploits/24309 https://www.exploit-db.com/exploits/22657 http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html http://rhn.redhat.com/errata/RHSA-2012-1386.html http://rhn.redhat.com/errata/RHSA-2012-1391.html http://rhn.redhat.com/errata/RHSA-2012-1467.html http://secunia.com/advisories/51029 http://secunia.com/advisories/51326 http://secunia.com/advisories/51390 http://security.gentoo.org/glsa/glsa-201406-32.xml http:& •
CVSS: 10.0EPSS: 1%CPEs: 82EXPL: 0CVE-2012-5086 – OpenJDK: XMLDecoder sandbox restriction bypass (Beans, 7195917)
https://notcve.org/view.php?id=CVE-2012-5086
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. Una vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 7 Update 7 y anteriores, y v6 Update 35 y anteriores, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con los Beans. • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html http://marc.info/?l=bugtraq&m=135542848327757&w=2 http://marc.info/?l=bugtraq&m=135758563611658&w=2 http://rhn.redhat.com/errata/RHSA-2012-1385.html http://rhn.redhat.com/errata/RHSA-2012-1386.html http://rhn.redhat.com/errata/RHSA-2012-1391.html http://rhn.redhat.com/errata/RHSA-2012-1392.html http://rhn.redhat.com&#x •