60 matches found
CVE-2023-21521
CVE-2023-21521 describes an SQL Injection in the BlackBerry AtHoc 7.15 Management Console (Operator Audit Trail). The affected component is the Management Console’s operator audit trail feature, where user-supplied input can be interpreted as SQL, enabling an attacker to read data from the databa...
BlackBerry AtHoc Security Vulnerability
BlackBerry AtHoc is a crisis communications solution for federal, state and local governments, public safety and law enforcement agencies, and schools from BlackBerry Canada. A security vulnerability exists in BlackBerry AtHoc version 7.15 that stems from a vulnerability that allows an attacker t...
PT-2023-18277 · Blackberry · Blackberry Athoc
Name of the Vulnerable Software and Affected Versions: BlackBerry AtHoc version 7.15 Description: An SQL Injection issue in the Management Console Operator Audit Trail could allow an attacker to read sensitive data from the database, modify database data, execute administration operations on the...
BlackBerry AtHoc SQL Injection Vulnerability
BlackBerry AtHoc is a crisis communications solution for federal, state and local governments, public safety and law enforcement agencies, and schools from BlackBerry Canada. A security vulnerability exists in BlackBerry AtHoc version 7.15, which stems from a SQL injection vulnerability in the...
PT-2023-18278 · Blackberry · Blackberry Athoc
Name of the Vulnerable Software and Affected Versions: BlackBerry AtHoc version 7.15 Description: A Reflected Cross-site Scripting XSS vulnerability in the Management Console Reports could allow an attacker to control a script executed in the victim's browser, enabling them to execute script...
BlackBerry AtHoc Cross-Site Scripting Vulnerability
BlackBerry AtHoc is a crisis communications solution for federal, state and local governments, public safety and law enforcement agencies, and schools from BlackBerry Canada. A security vulnerability exists in BlackBerry AtHoc version 7.15, which stems from a stored cross-site scripting XSS...
BlackBerry AtHoc Cross-Site Scripting Vulnerability
BlackBerry AtHoc is a crisis communications solution for federal, state and local governments, public safety and law enforcement agencies, and schools from BlackBerry Canada. A security vulnerability exists in BlackBerry AtHoc version 7.15, which stems from a Reflective Cross-Site Scripting XSS...
CVE-2019-8997
An XML External Entity Injection XXE vulnerability in the Management System console of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted XM...
CVE-2019-8997
An XML External Entity Injection XXE vulnerability in the Management System console of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted XM...
Xxe
An XML External Entity Injection XXE vulnerability in the Management System console of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted XM...
CVE-2019-8997
An XML External Entity Injection XXE vulnerability in the Management System console of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted XM...
CVE-2019-8997
CVE-2019-8997 describes an XML External Entity (XXE) vulnerability in the Management System (console) of BlackBerry AtHoc versions earlier than 7.6 HF-567. An attacker could craft XML in an existing field to read arbitrary local files on the application server or cause outbound requests on the ne...
CVE-2005-0187
Stack-based buffer overflow in the SetSkin function in AtHoc toolbar allows remote attackers to execute arbitrary code via a long skin name...
CVE-2005-0187
CVE-2005-0187 describes a stack-based buffer overflow in the SetSkin function of the AtHoc toolbar. The vulnerability allows remote attackers to execute arbitrary code by supplying a long skin name, indicating a remote code execution risk via the affected component. The documents identify the aff...
CVE-2005-0188
CVE-2005-0188 concerns a format-string vulnerability in the SetBaseURL function of the AtHoc toolbar. The issue allows remote attackers to execute arbitrary code by supplying an invalid URL that is recorded in the debug log, leveraging format specifiers. Public references in NVD/CVE records indic...
CVE-2005-0188
Format string vulnerability in the SetBaseURL function in AtHoc toolbar allows remote attackers to execute arbitrary code via format string specifiers in an invalid URL that is recorded in the debug log...
Multiple vulnerabilities in the AtHoc Toolbar (#NISR19012005c)
NGSSoftware Insight Security Research Advisory Name: Multiple Vulnerabilities in the AtHoc Toolbar For MSIE Systems Affected: AtHoc Toolbar for MSIE Severity: High Vendor URL: http://www.athoc.com/site/products/toolbar.asp Author: Mark Litchfield [email protected] John Heasman...
Multiple AtHoc toolbar bugs
Buffer overflows, format string bugs in ActiveX components...
Patch available for high risk flaws in the AtHoc Toolbar
Mark Litchfield and John Heasman of NGSSoftware have discovered two high risk vulnerabilities in the AtHoc Toolbar. The AtHoc toolbar is a plugin for Microsoft's Internet Explorer. The toolbar is redistributed to users of eBay Accenture ThomasRegister ThomasRegional Juniper Networks WiredNews...
CVE-2005-0188
Format string vulnerability in the SetBaseURL function in AtHoc toolbar allows remote attackers to execute arbitrary code via format string specifiers in an invalid URL that is recorded in the debug log...