Lucene search
K

6 matches found

Packet Storm
Packet Storm
added 2018/09/12 12:0 a.m.34 views

InTouch Machine Edition 8.1 SP1 Buffer Overflow

Exploit Title: InTouch Machine Edition 8.1 SP1 - 'Nombre del Tag' Buffer Overflow SEH Discovery by: Luis Martinez Discovery Date: 2018-09-10 Vendor Homepage: https://on.wonderware.com/ Software Link: https://on.wonderware.com/intouch-machine-edition Tested Version: 8.1 SP1 Vulnerability Type: Loc...

0.3AI score
Exploits0
ICS
ICS
added 2011/08/31 6:0 a.m.60 views

Wonderware InBatch ActiveX Vulnerabilities

Overview ICS-CERT originally released advisory “ICSA-11-332-01P—Invensys Wonderware InBatch ActiveX Vulnerabilities” in the US-CERT secure portal on November 28, 2011. This web page release was delayed to allow users time to download and install the update. Researcher Kuang-Chun Hung of the...

6.8CVSS8.2AI score0.02493EPSS
Exploits0References10
CVE
CVE
added 2005/08/16 4:0 a.m.48 views

CVE-2004-2321

Affected products: BEA WebLogic Server and Express 8.1 SP1 and earlier. Vulnerability: local users in the Operator role can obtain administrator passwords via MBean attributes (ServerStartMBean.Password; NodeManagerMBean.CertificatePassword). Impact: partial confidentiality exposure; access is LO...

2.1CVSS6.6AI score0.0021EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2005/07/05 4:0 a.m.15 views

CVE-2005-2092

BEA Systems WebLogic 8.1 SP1 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes WebLogic to incorrectly handle and forwar...

4.3CVSS6.1AI score0.01515EPSS
Exploits1References5
Cvelist
Cvelist
added 2005/06/30 4:0 a.m.27 views

CVE-2005-2092

BEA Systems WebLogic 8.1 SP1 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes WebLogic to incorrectly handle and forwar...

6.1AI score0.01515EPSS
Exploits1References5
CVE
CVE
added 2005/06/30 4:0 a.m.36 views

CVE-2005-2092

The CVE-2005-2092 entry describes a vulnerability in BEA Systems WebLogic 8.1 SP1 where a crafted HTTP request with both a Transfer-Encoding: chunked header and a Content-Length header causes WebLogic to mis-handle the request body, leading to HTTP Request Smuggling. This can allow remote attacke...

4.3CVSS6.4AI score0.01515EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder