96 matches found
CVE-2010-2437
creationtimestamp| type| source ---|---|--- 2010-06-11 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/34140...
Trend Micro OfficeScan Server cgiRecvFile Buffer Overflow (CVE-2008-2437)
Trend Micro OfficeScan is a centralized virus and security scan management system. It is meant to consolidate the coordination of security scan actions and the management of Trend Micro virus scanner products installed on nodes of an enterprise network. The product is a central command centre for...
CVE-2009-2437
CVE-2009-2437 affects Rentventory 1.0.1. The vulnerability is described as multiple cross-site scripting (XSS) flaws in index.php, exploitable through the login action via the (1) username and (2) password parameters. The connected documents confirm the issue as XSS but do not provide technical s...
CVE-2009-2437
Multiple cross-site scripting XSS vulnerabilities in index.php in Rentventory 1.0.1 allow remote attackers to inject arbitrary web script or HTML via the 1 username aka Login and 2 password parameters in a login action...
CVE-2009-2437
creationtimestamp| type| source ---|---|--- 2009-07-07 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/34804...
Trend Micro OfficeScan cgiRecvFile.exe ComputerName buffer overflow
Added: 09/23/2008 CVE: CVE-2008-2437 BID: 31139 OSVDB: 48024 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability in cgiRecvFile.exe allows remote attackers to execute arbitrary commands by sending an HTTP request...
Trend Micro OfficeScan cgiRecvFile.exe ComputerName buffer overflow
Added: 09/23/2008 CVE: CVE-2008-2437 BID: 31139 OSVDB: 48024 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability in cgiRecvFile.exe allows remote attackers to execute arbitrary commands by sending an HTTP request...
CVE-2008-2437
CVE-2008-2437 describes a stack-based buffer overflow in Trend Micro OfficeScan components (cgiRecvFile.exe) that can be triggered by an HTTP request with a long ComputerName parameter. The condition allows remote attackers to execute arbitrary code with SYSTEM-level privileges on affected system...
Secunia Research: Trend Micro OfficeScan "cgiRecvFile.exe" Buffer Overflow
====================================================================== Secunia Research 12/09/2008 - Trend Micro OfficeScan "cgiRecvFile.exe" Buffer Overflow - ====================================================================== Table of Contents Affected...
SuSE 10 Security Update : dhcp-server (ZYPP Patch Number 2437)
A bug was fixed were a LDAP server with malicious data providing information to the DHCP server could crash and potentially execute code as the DHCP server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...
CVE-2007-2437
The X render Xrender extension in X.org X Window System 7.0, 7.1, and 7.2, with Xserver 1.3.0 and earlier, allows remote authenticated users to cause a denial of service daemon crash via crafted values to the 1 XRenderCompositeTrapezoids and 2 XRenderAddTraps functions, which trigger a...
CVE-2007-2437
CVE-2007-2437 affects the X render (Xrender) extension in X.org X Window System 7.0/7.1/7.2 with Xserver 1.3.0 and earlier. The vulnerability arises when processing crafted values in the functions XRenderCompositeTrapezoids and XRenderAddTraps , which can trigger a divide-by-zero error and cause ...
CVE-2006-2437
The CVE-2006-2437 entry concerns Caucho Resin’s viewfile servlet in the Resin documentation package (resin-doc) for versions 3.0.17 and 3.0.18. The available sources in the connected documents describe an arbitrary file disclosure: an unauthenticated remote attacker can obtain the contents of fil...
CVE-2005-2437
The CVE-2005-2437 entry concerns Website Baker Project, where uploaded file extensions are not properly verified. This allows remote attackers to upload and execute arbitrary PHP code due to the insufficient validation of the file type during upload. The available references (NVD, CVE, CVEList) c...
CVE-2004-2437
SQL injection vulnerability in PHP-Fusion 4.01 allows remote attackers to execute arbitrary SQL commands via the rowstart parameter to 1 index.php or 2 members.php, or 3 the commentid parameter to comments.php...
CVE-2024-2437
CVE-2024-2437 is a reservation duplicate of CVE-2023-41728; the connected records show this CVE should reference CVE-2023-41728 instead. CVE-2023-41728 describes a Cross-site Scripting (Stored XSS) vulnerability in the Rescue Shortcodes WordPress plugin (Rescue Shortcodes) affecting versions up t...