Lucene search
K

571 matches found

Cvelist
Cvelist
added 2009/01/26 3:5 p.m.19 views

CVE-2009-0264

Buffer overflow in the Registry Setting Tool in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier has unknown impact and attack vectors...

6.8AI score0.01624EPSS
Exploits0References3
CVE
CVE
added 2009/01/26 3:5 p.m.48 views

CVE-2009-0264

The CVE-2009-0264 entry concerns Fujitsu SystemWizard Lite (SystemcastWizard Lite) with affected versions 2.0A, 2.0, 1.9 and earlier. The underlying issue is a buffer overflow in the Registry Setting Tool. Technical details in the connected documents confirm a high-severity condition (CVSS v2 bas...

10CVSS7AI score0.01624EPSS
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2009/01/20 12:0 a.m.31 views

Fujitsu SystemcastWizard Lite buffer overflow

Buffer overflow on oversized PXE request...

4.9AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2009/01/20 12:0 a.m.75 views

[Wintercore Research ] Fujitsu SystemcastWizard Lite PXEService Remote Buffer Overflow.

Wintercore Research:: Advisory W01-0109 html version: http://www.wintercore.com/advisories/advisoryW010109.html 1. Background "SystemcastWizard Lite is support software for the setup of the PRIMEQUEST system" 2. Non-technical description PXEService.exe is prone to a remote buffer overflow due to...

1.3AI score
Exploits0
NVD
NVD
added 2009/01/05 8:30 p.m.20 views

CVE-2008-5842

Multiple cross-site scripting XSS vulnerabilities in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via vectors associated with 1 a demo application shipped with WebTransactions and possibly 2 an unspecified...

4.3CVSS5.9AI score0.00855EPSS
Exploits0References1
Prion
Prion
added 2009/01/05 8:30 p.m.15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via vectors associated with 1 a demo application shipped with WebTransactions and possibly 2 an unspecified...

4.3CVSS6.2AI score0.00855EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2009/01/05 8:0 p.m.14 views

CVE-2008-5842

Multiple cross-site scripting XSS vulnerabilities in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via vectors associated with 1 a demo application shipped with WebTransactions and possibly 2 an unspecified...

5.9AI score0.00855EPSS
Exploits0References1
CVE
CVE
added 2009/01/05 8:0 p.m.39 views

CVE-2008-5842

CVE-2008-5842 affects Fujitsu-Siemens WebTransactions 7.0/7.1 (and possibly other versions). The vulnerability is described as multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary script/HTML via vectors tied to a shipped demo application and an unspecified dy...

4.3CVSS6AI score0.00855EPSS
Exploits0References1Affected Software1
Samba
Samba
added 2009/01/05 12:0 a.m.79 views

Potential access to "/" in setups with

Description When connecting to a share called "" empty string using an older version of smbclient before 3.0.28 for example with: 'smbclient //server/ -U user%pass' access to the root filesystem is granted with the privileges of the authenticated user. This only happens in setups with registry...

6.3CVSS0.03534EPSS
Exploits1
Prion
Prion
added 2009/01/02 6:11 p.m.10 views

Code injection

WBPublish aka WBPublish.exe in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allows remote attackers to execute arbitrary commands via shell metacharacters in input that is sent through HTTP and improperly used during temporary session data cleanup, possibly related to 1...

10CVSS8.3AI score0.0376EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2009/01/02 6:0 p.m.24 views

CVE-2008-5810

WBPublish aka WBPublish.exe in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allows remote attackers to execute arbitrary commands via shell metacharacters in input that is sent through HTTP and improperly used during temporary session data cleanup, possibly related to 1...

7.8AI score0.0376EPSS
Exploits0References9
CVE
CVE
added 2009/01/02 6:0 p.m.41 views

CVE-2008-5810

CVE-2008-5810 affects WBPublish.exe in Fujitsu-Siemens WebTransactions 7.0/7.1 (and possibly other versions). The flaw allows remote attackers to execute arbitrary commands via shell metacharacters in HTTP input that is mishandled during temporary session data cleanup, potentially involving direc...

10CVSS8AI score0.0376EPSS
Exploits0References9Affected Software1
securityvulns
securityvulns
added 2008/12/22 12:0 a.m.40 views

SEC Consult SA-20081219-0 :: Fujitsu-Siemens WebTransactions remote command injection vulnerability

SEC-CONSULT Security Advisory 20081219-0 =================================================================================== title: Fujitsu-Siemens WebTransactions Remote Command Injection Vulnerability program: WebTransactions vulnerable version: =7.1 homepage: http://www.fujitsu-siemens.com/...

1.1AI score
Exploits0
securityvulns
securityvulns
added 2008/12/22 12:0 a.m.29 views

Fujitsu-Siemens WebTransactions shell characters vulnerability

Unfiltered user input in systemcall...

3.4AI score
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2008/12/22 12:0 a.m.20 views

Fujitsu-Siemens WebTransactions远程命令执行漏洞

BUGTRAQ ID: 32927 CNCAN ID:CNCAN-2008122201 Fujitsu-Siemens WebTransactions是一款允许为主机应用程序提供新的业务流程和应用的解决方案。 Fujitsu-Siemens WebTransactions不正确处理输入验证,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 部分条件下,当清理临时会话数据时,WBPublish.exe传递没有经过验证的输入就给system函数,可导致无需验证攻击者以WEB进程权限执行任意命令。 Fujitsu-Siemens WebTransactions 7.1...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2008/10/14 12:0 a.m.57 views

Apache Tomcat 'RemoteFilterValve'安全绕过漏洞

BUGTRAQ ID: 31698 CVE ID:CVE-2008-3271 CNCVE ID:CNCVE-20083271 Apache Tomcat是一款流行的开放源码的JSP应用服务器程序。 Apache Tomcat处理'RemoteFilterValve'扩展存在安全绕过问题,远程攻击者可以利用漏洞绕过访问限制,获得敏感信息。 在使用RemoteAddrValve允许部分地址访问引擎时: Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="a.b.c.d"/...

4.3CVSS6.4AI score0.04807EPSS
Exploits2
securityvulns
securityvulns
added 2008/10/12 12:0 a.m.61 views

[SECURITY] CVE-2008-3271 - Apache Tomcat information disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2008-3271: Tomcat information disclosure vulnerability Severity: Low Vendor: The Apache Software Foundation Versions Affected: Tomcat 4.1.0 to 4.1.31 Tomcat 5.5.0 Tomcat 6.0.x is not affected The unsupported Tomcat 3.x, 4.0.x and 5.0.x versions ma...

4.3CVSS5.8AI score0.04807EPSS
Exploits2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/09/03 3:34 a.m.4 views

Fujitsu Interstage Application Server Interstage Management Console Arbitrary File Read/Delete Vulnerability

Overview The Interstage Management Console used in Fujitsu Interstage Application Server has a vulnerability which allows remote attackers to read or delete arbitrary files. Impact A remote attacker could read or delete arbitrary files. Solution Please refer to the 'Vendor Information' section fo...

6.4CVSS6.9AI score0.01403EPSS
Exploits0References8
Prion
Prion
added 2008/08/25 9:41 p.m.17 views

Directory traversal

Directory traversal vulnerability in Fujitsu Web-Based Admin View 2.1.2 allows remote attackers to read arbitrary files via a .. dot dot in the URI...

5CVSS7.2AI score0.02685EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2008/08/25 9:41 p.m.17 views

CVE-2008-3776

Directory traversal vulnerability in Fujitsu Web-Based Admin View 2.1.2 allows remote attackers to read arbitrary files via a .. dot dot in the URI...

5CVSS6.6AI score0.02685EPSS
Exploits1References4
Rows per page
Query Builder