Security Bulletin: IBM Tivoli Netcool Impact is affected by multiple vulnerabilities in IBM Tivoli Integrated Portal (TIP)

Summary IBM Tivoli Netcool Impact has addressed the following vulnerabilities in IBM Tivoli Integrated Portal TIP . Vulnerability Details CVEID: CVE-2015-5254 DESCRIPTION: Apache ActiveMQ could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the...

CVE-2017-8013

EMC Data Protection Advisor 6.3.x before patch 67 and 6.4.x before patch 130 contains undocumented accounts with hard-coded passwords and various privileges. Affected accounts are: "Apollo System Test", "emc.dpa.agent.logon" and "emc.dpa.metrics.logon". An attacker with knowledge of the password...

Xxe

XML external entity XXE vulnerability in Apache ActiveMQ Apollo 1.x before 1.7.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages...

CVE-2014-3579

XML external entity XXE vulnerability in Apache ActiveMQ Apollo 1.x before 1.7.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages...

CVE-2014-3579

CVE-2014-3579 is an XML External Entity (XXE) vulnerability in Apache ActiveMQ Apollo 1.x before 1.7.1. Described across multiple sources as allowing a remote attacker to obtain sensitive information by crafting XML data processed by the broker (via an XPath-based selector during dequeue). The pu...

CVE-2014-3579

XML external entity XXE vulnerability in Apache ActiveMQ Apollo 1.x before 1.7.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages...

apollo.zeit.de Open Redirect vulnerability

Open Bug Bounty ID: OBB-326096 Description| Value ---|--- Affected Website:| apollo.zeit.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...

EMC Data Protection Advisor < 6.4.130 Hardcoded Password Vulnerability

According to its self-reported version number, the EMC Data Protection Advisor running on the remote host is 6.3.x prior to 6.3 patch 67 or 6.4.x prior to 6.4 patch 130. It is, therefore, affected by a default credential vulnerability due to hardcoded passwords with the Apollo System Test,...

EMC AppSync Apollo REST Services SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of EMC Appsync. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specific flaw exists within Apollo REST...

cinema-apollo.fr XSS vulnerability

Vulnerable URL: http://cinema-apollo.fr/FR/cine-search?search=" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check cinema-apollo....

apollobikes.com XSS vulnerability

Vulnerable URL: http://www.apollobikes.com/dealers/search?command=multisearchmethod=search=search=search=asd"search= Details: Description| Value ---|--- Patched:| Yes, at 24.11.2017 Latest check for patch:| 24.11.2017 18:38 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...

Apache ActiveMQ Apollo XML External Entity Injection Vulnerability

Apache ActiveMQ Apollo is a proxy server. An XML external entity injection vulnerability exists in Apache ActiveMQ Apollo, which allows remote attackers to exploit the vulnerability to submit a special XML request to obtain sensitive information...

CVE-2013-0728

Multiple stack-based buffer overflows in NCSAddOn.dll in the ERDAS APOLLO ECWP plugin before 13.00.0001 for Internet Explorer, Firefox, and Chrome allow remote attackers to execute arbitrary code via a long property value...

Stack overflow

Multiple stack-based buffer overflows in NCSAddOn.dll in the ERDAS APOLLO ECWP plugin before 13.00.0001 for Internet Explorer, Firefox, and Chrome allow remote attackers to execute arbitrary code via a long property value...

CVE-2013-0728

Multiple stack-based buffer overflows in NCSAddOn.dll in the ERDAS APOLLO ECWP plugin before 13.00.0001 for Internet Explorer, Firefox, and Chrome allow remote attackers to execute arbitrary code via a long property value...

CVE-2013-0728

CVE-2013-0728 affects the ERDAS APOLLO ECWP plugin (NCSAddOn.dll) prior to version 13.00.0001. The vulnerability is described as multiple stack-based buffer overflows that allow remote attackers to execute arbitrary code via a long property value while using Internet Explorer, Firefox, or Chrome....

Apollo Player 37.0.0.0 Buffer Overflow

Apollo Player 37.0.0.0 .aap BOF DOS Vulnerability Discovered and Written by : jacky Greetz to Peter Van Eeckhoutte and all Corelanc0d3r team Rick & mrme & MarKoT &Edi When you play normal songs and you save the playlist as .aap , and then open it up with notepad , u will note that it contains a...

Apollo Player 37.0.0.0 - .aap Buffer Overflow (Denial of Service) (PoC)

Apollo Player 37.0.0.0 - .aap Buffer Overflow Denial of Service PoC Apollo Player 37.0.0.0 .aap BOF DOS Vulnerability Discovered and Written by : jacky Greetz to Peter Van Eeckhoutte and all Corelanc0d3r team Rick & mrme & MarKoT &Edi When you play normal songs and you save the playlist as .aap ,...

Apollo Player 37.0.0.0 .aap BOF DOS Vulnerability

No description provided by source. Apollo Player 37.0.0.0 .aap BOF DOS Vulnerability Discovered and Written by : jacky Greetz to Peter Van Eeckhoutte and all Corelanc0d3r team Rick & mrme & MarKoT &Edi When you play normal songs and you save the playlist as .aap , and then open it up with notepad...

Apollo Player 37.0.0.0 .aap BOF DOS Vulnerability

Exploit for unknown platform in category dos / poc ================================================= Apollo Player 37.0.0.0 .aap BOF DOS Vulnerability ================================================= Title: Apollo Player 37.0.0.0 .aap BOF DOS Vulnerability CVE-ID: OSVDB-ID: Author: jacky...