Lucene search
K

96 matches found

Circl
Circl
added 2010/06/11 12:0 a.m.7 views

CVE-2010-2437

creationtimestamp| type| source ---|---|--- 2010-06-11 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/34140...

4.3CVSS5.8AI score0.01452EPSS
Exploits1References1
Check Point Advisories
Check Point Advisories
added 2009/10/01 12:0 a.m.19 views

Trend Micro OfficeScan Server cgiRecvFile Buffer Overflow (CVE-2008-2437)

Trend Micro OfficeScan is a centralized virus and security scan management system. It is meant to consolidate the coordination of security scan actions and the management of Trend Micro virus scanner products installed on nodes of an enterprise network. The product is a central command centre for...

10CVSS8.1AI score0.06673EPSS
Exploits5
CVE
CVE
added 2009/07/13 2:0 p.m.36 views

CVE-2009-2437

CVE-2009-2437 affects Rentventory 1.0.1. The vulnerability is described as multiple cross-site scripting (XSS) flaws in index.php, exploitable through the login action via the (1) username and (2) password parameters. The connected documents confirm the issue as XSS but do not provide technical s...

4.3CVSS6AI score0.01498EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2009/07/13 2:0 p.m.19 views

CVE-2009-2437

Multiple cross-site scripting XSS vulnerabilities in index.php in Rentventory 1.0.1 allow remote attackers to inject arbitrary web script or HTML via the 1 username aka Login and 2 password parameters in a login action...

6AI score0.01498EPSS
Exploits1References3
Circl
Circl
added 2009/07/07 12:0 a.m.4 views

CVE-2009-2437

creationtimestamp| type| source ---|---|--- 2009-07-07 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/34804...

4.3CVSS5.8AI score0.01498EPSS
Exploits1References1
Saint
Saint
added 2008/09/23 12:0 a.m.80 views

Trend Micro OfficeScan cgiRecvFile.exe ComputerName buffer overflow

Added: 09/23/2008 CVE: CVE-2008-2437 BID: 31139 OSVDB: 48024 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability in cgiRecvFile.exe allows remote attackers to execute arbitrary commands by sending an HTTP request...

10CVSS7.8AI score0.06673EPSS
Exploits5
Saint
Saint
added 2008/09/23 12:0 a.m.38 views

Trend Micro OfficeScan cgiRecvFile.exe ComputerName buffer overflow

Added: 09/23/2008 CVE: CVE-2008-2437 BID: 31139 OSVDB: 48024 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability in cgiRecvFile.exe allows remote attackers to execute arbitrary commands by sending an HTTP request...

10CVSS7.8AI score0.06673EPSS
Exploits5
CVE
CVE
added 2008/09/16 10:0 p.m.61 views

CVE-2008-2437

CVE-2008-2437 describes a stack-based buffer overflow in Trend Micro OfficeScan components (cgiRecvFile.exe) that can be triggered by an HTTP request with a long ComputerName parameter. The condition allows remote attackers to execute arbitrary code with SYSTEM-level privileges on affected system...

10CVSS7.8AI score0.06673EPSS
Exploits5References13Affected Software2
securityvulns
securityvulns
added 2008/09/15 12:0 a.m.113 views

Secunia Research: Trend Micro OfficeScan "cgiRecvFile.exe" Buffer Overflow

====================================================================== Secunia Research 12/09/2008 - Trend Micro OfficeScan "cgiRecvFile.exe" Buffer Overflow - ====================================================================== Table of Contents Affected...

10CVSS0.8AI score0.06673EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2007/12/13 12:0 a.m.14 views

SuSE 10 Security Update : dhcp-server (ZYPP Patch Number 2437)

A bug was fixed were a LDAP server with malicious data providing information to the DHCP server could crash and potentially execute code as the DHCP server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...

5.5AI score
Exploits0
OSV
OSV
added 2007/05/02 10:19 a.m.8 views

CVE-2007-2437

The X render Xrender extension in X.org X Window System 7.0, 7.1, and 7.2, with Xserver 1.3.0 and earlier, allows remote authenticated users to cause a denial of service daemon crash via crafted values to the 1 XRenderCompositeTrapezoids and 2 XRenderAddTraps functions, which trigger a...

6.3AI score
Exploits0References10
CVE
CVE
added 2007/05/02 10:0 a.m.82 views

CVE-2007-2437

CVE-2007-2437 affects the X render (Xrender) extension in X.org X Window System 7.0/7.1/7.2 with Xserver 1.3.0 and earlier. The vulnerability arises when processing crafted values in the functions XRenderCompositeTrapezoids and XRenderAddTraps , which can trigger a divide-by-zero error and cause ...

5.5CVSS8.7AI score0.04401EPSS
Exploits0References10Affected Software2
CVE
CVE
added 2006/05/17 10:0 a.m.69 views

CVE-2006-2437

The CVE-2006-2437 entry concerns Caucho Resin’s viewfile servlet in the Resin documentation package (resin-doc) for versions 3.0.17 and 3.0.18. The available sources in the connected documents describe an arbitrary file disclosure: an unauthenticated remote attacker can obtain the contents of fil...

5CVSS6.8AI score0.06754EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2005/08/03 4:0 a.m.43 views

CVE-2005-2437

The CVE-2005-2437 entry concerns Website Baker Project, where uploaded file extensions are not properly verified. This allows remote attackers to upload and execute arbitrary PHP code due to the insufficient validation of the file type during upload. The available references (NVD, CVE, CVEList) c...

5CVSS7.9AI score0.01351EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2004/12/31 5:0 a.m.14 views

CVE-2004-2437

SQL injection vulnerability in PHP-Fusion 4.01 allows remote attackers to execute arbitrary SQL commands via the rowstart parameter to 1 index.php or 2 members.php, or 3 the commentid parameter to comments.php...

7.5CVSS8.4AI score0.01211EPSS
Exploits0References5
CVE
CVE
added 1976/01/01 12:0 a.m.75 views

CVE-2024-2437

CVE-2024-2437 is a reservation duplicate of CVE-2023-41728; the connected records show this CVE should reference CVE-2023-41728 instead. CVE-2023-41728 describes a Cross-site Scripting (Stored XSS) vulnerability in the Rescue Shortcodes WordPress plugin (Rescue Shortcodes) affecting versions up t...

5.5AI score
Exploits0
Rows per page
Query Builder