284 matches found
Microsoft FrontPage URL Device Denial of Service - Ver2 (CVE-2000-0709)
A denial-of-service vulnerability has been reported in Microsoft Frontpage. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Microsoft FrontPage信息泄露漏洞(CVE-2013-3137)(MS13-078)
BUGTRAQ ID: 62185 CVECAN ID: CVE-2013-3137 Frontpage是微软公司出品的一款网页制作软件。 FrontPage 中存在一个信息泄露漏洞,此漏洞源于解析XML文档内的DTD实体时的错误,通过诱使用户打开特制的FrontPage文档,本地攻击者可泄露目标系统上文件的内容。 0 Microsoft FrontPage 2003 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS13-078)以及相应补丁: MS13-078:Vulnerability in FrontPage Could All...
CVE-2013-3137
Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability."...
Spoofing
Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability."...
CVE-2013-3137
Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability."...
CVE-2013-3137
CVE-2013-3137 affects Microsoft FrontPage 2003 SP3. The issue arises from how FrontPage parses DTDs in XML inside FrontPage documents, causing an information-disclosure vulnerability. Remote attackers could obtain sensitive information by crafting a FrontPage document. Microsoft issued MS13-078 w...
Microsoft Frontpage information leakage
XML information disclosure...
MS13-078: Vulnerability in FrontPage Could Allow Information Disclosure (2825621)
The host has a version of Microsoft FrontPage installed that is affected by an information disclosure vulnerability that could allow a remote attacker to view the contents of a file. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid69837; scriptversion"1.12";...
Microsoft FrontPage Information Disclosure Vulnerability (2825621)
This host is missing an important security update according to Microsoft Bulletin MS13-078. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...
Microsoft FrontPage Detection (Windows SMB Login)
SMB login-based detection of Microsoft FrontPage. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft FrontPage CVE-2013-3137 Information Disclosure Vulnerability
Description Microsoft FrontPage is prone to an information-disclosure vulnerability. Attackers can exploit this issue to disclose the contents of a local file on the affected computer. This may aid in further attacks. Technologies Affected Microsoft FrontPage 2003 SP3 Recommendations Run all...
Microsoft FrontPage XML Information Disclosure (MS13-078; CVE-2013-3137)
An information disclosure vulnerability exists in FrontPage...
September's Patch Tuesday updates to fix Critical flaws in Windows, IE and Office
This Tuesday, Microsoft will be releasing its September's Patch Tuesday updates includes 14 bulletins in total, fixing issues in Windows, Office, Outlook, Internet Explorer, SharePoint and FrontPage. In all, there are eight remote code execution flaws in Microsoft Office, Microsoft Server Softwar...
Office, SharePoint Patches Await September Patch Tuesday
Today’s monthly advance notification of Microsoft’s upcoming security bulletin release on Tuesday includes a number of critical Office patches that have experts worried. Of particular concern are remote code execution vulnerabilities in Outlook 2007 and 2010 that can be exploited by merely...
frontpage_version
This plugin searches for the FrontPage Server Info file and if it finds it will try to determine the version of the Frontpage Server Extensions. The file is located inside the web server webroot. For example: http://localhost/vtiinf.html Plugin type Infrastructure Options This plugin doesnt have...
frontpage
This plugin audits the frontpage extension configuration by trying to upload a file to the remote server using the author.dll script provided by FrontPage. Plugin type Audit Options Name | Type | Default Value | Description | Help ---|---|---|---|--- stopOnFirst | boolean | True | Stop on the fir...
http-frontpage-login NSE Script
Checks whether target machines are vulnerable to anonymous Frontpage login. Older, default configurations of Frontpage extensions allow remote user to login anonymously which may lead to server compromise. Script Arguments http-frontpage-login.path Path prefix to Frontpage directories. Defaults t...
Microsoft FrontPage Server Extensions MS-DOS Device Name DoS Vulnerability (Aug 2000)
Microsoft FrontPage Server Extensions is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Joostina (Multiple Components) - SQL Injection
source: https://www.securityfocus.com/bid/47595/info Multiple Joostina components are prone to an SQL-injection vulnerability because they fail to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the applications...
OpenClassifieds 1.7.0.3 - Chained: Captcha Bypass / SQL Injection / Persistent Cross-Site Scripting on FrontPage
Author:Michael Brooks Rook Application:OpenClassifieds 1.7.0.3 download: http://open-classifieds.com/download/ Exploit chain:captcha bypass-sqliinsert-persistant xss on front page If registration is required an extra link in the chain is added: Exploit chain:blind sqliselect-captcha...