571 matches found
CVE-2008-3776
CVE-2008-3776 describes a directory traversal vulnerability in Fujitsu Web-Based Admin View 2.1.2. The issue allows an attacker to read arbitrary files by supplying a .. (dot dot) sequence in the URI, enabling partial confidentiality impact. The provided documents specify the affected product and...
CVE-2008-3776
Directory traversal vulnerability in Fujitsu Web-Based Admin View 2.1.2 allows remote attackers to read arbitrary files via a .. dot dot in the URI...
Fujitsu Web-Based Admin View目录遍历漏洞
BUGTRAQ ID: 30780 CNCAN ID:CNCAN-2008082204 Fujitsu Web-Based Admin View不正确过滤用户提交的输入,远程攻击者可以利用漏洞以WEB权限查看系统文件内容。 提交包含多个"../"字符作为GET请求数据,可导致绕过WEB ROOT限制,以WEB权限查看系统文件内容。 Fujitsu Web-Based Admin View 2.1.2 目前没有解决方案提供: http://www.fujitsu.com/ GET /.././.././.././.././.././.././.././.././.././etc/passw...
fujitsu-traverse.txt
Fujitsu Web-Based Admin View Directory Traversal Vulnerability Version: 2.1.2 on Solaris, Other versions may vulnerable Vulnerability: Directory Traversal Risk: Critical Description: Due to insufficient control of user inputs, Fujitsu Web-based admin view reveals content of files residing in...
Fujitsu Web-Based Admin View 2.1.2 - Directory Traversal
Fujitsu Web-Based Admin View 2.1.2 - Directory Traversal source: https://www.securityfocus.com/bid/30780/info Fujitsu Web-Based Admin View is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. This issue occurs in the...
Fujitsu Web-Based Admin View 2.1.2 - Directory Traversal
source: https://www.securityfocus.com/bid/30780/info Fujitsu Web-Based Admin View is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. This issue occurs in the application's HTTP server. Exploiting this issue will allow an...
CVE-2008-3126
Multiple stack-based buffer overflows in the ServerView web interface SnmpGetMibValues.exe in Fujitsu Siemens Computers ServerView 04.60.07 and earlier allow remote authenticated users to execute arbitrary code via a crafted URL...
Stack overflow
Multiple stack-based buffer overflows in the ServerView web interface SnmpGetMibValues.exe in Fujitsu Siemens Computers ServerView 04.60.07 and earlier allow remote authenticated users to execute arbitrary code via a crafted URL...
CVE-2008-3126
The CVE-2008-3126 issue affects Fujitsu Siemens Computers ServerView (04.60.07 and earlier), specifically the ServerView web interface component SnmpGetMibValues.exe. The root cause is multiple stack-based buffer overflows that allow remote authenticated users to execute arbitrary code via a craf...
CVE-2008-3126
Multiple stack-based buffer overflows in the ServerView web interface SnmpGetMibValues.exe in Fujitsu Siemens Computers ServerView 04.60.07 and earlier allow remote authenticated users to execute arbitrary code via a crafted URL...
KLA10323 ACE vulnerabilities ServerView
A buffer overflow was found in ServerView. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed URL. Original advisories - Related products ServerView CVE list CVE-2008-3126 high Solution Update to lates...
ServerView 'SnmpGetMibValues.exe'多个未明缓冲区溢出漏洞
BUGTRAQ ID: 30081 CNCAN ID:CNCAN-2008070706 Fujitsu ServerView是一款用于进行自动分析和版本维护的资产管理工具。 Fujitsu ServerView不正确检查用户提交的数据,远程攻击者可以利用漏洞进行缓冲区溢出攻击,可能以应用程序权限执行任意指令。 目前没有详细漏洞细节提供。 Fujitsu ServerView 4.60.7 可联系供应商获得补丁信息:...
CVE-2008-2674
Unspecified vulnerability in the Interstage Management Console, as used in Fujitsu Interstage Application Server 6.0 through 9.0.0A, Apworks Modelers-J 6.0 through 7.0, and Studio 8.0.1 and 9.0.0, allows remote attackers to read or delete arbitrary files via unspecified vectors...
Code injection
Unspecified vulnerability in the Interstage Management Console, as used in Fujitsu Interstage Application Server 6.0 through 9.0.0A, Apworks Modelers-J 6.0 through 7.0, and Studio 8.0.1 and 9.0.0, allows remote attackers to read or delete arbitrary files via unspecified vectors...
CVE-2008-2674
CVE-2008-2674 describes an unspecified vulnerability in the Interstage Management Console used by Fujitsu Interstage Application Server 6.0–9.0.0A, Apworks Modelers-J 6.0–7.0, and Studio 8.0.1–9.0.0. The issue allows remote attackers to read or delete arbitrary files via unspecified vectors. Conn...
CVE-2008-2674
Unspecified vulnerability in the Interstage Management Console, as used in Fujitsu Interstage Application Server 6.0 through 9.0.0A, Apworks Modelers-J 6.0 through 7.0, and Studio 8.0.1 and 9.0.0, allows remote attackers to read or delete arbitrary files via unspecified vectors...
FENCE-Pro and Systemwalker Desktop Encryption self-decoding file vulnerability
Overview Fujitsu's encryption software FENCE-Pro and Systemwalker Desktop Encryption share the same components. A vulnerability exists in self-decoding files created using this software. Impact The third party could view the contents of self-decoding files and obtain the passwords used for the...
Interstage Application Server cross-site scripting vulnerability
Overview The Servlet Service for Interstage Business Application and the Servlet Service for Interstage Management Console may be referred to as "Servlet Service for Interstage Operation Management" in certain versions included in the Interstage product series from Fujitsu contain a cross-site...
ServerView cross-site scripting vulnerability
Overview ServerView, server-monitoring software included with Fujitsu servers, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution None...
Fujitsu Java Runtime Environment reflection API vulnerability
Overview A vulnerability exists in the reflection API in the Java Runtime Environment that may allow a Java applet to elevate its privileges bypassing its security restrictions. This problem was reported by Sun Microsystems as a vulnerability in Java Runtime Environment. Fujitsu's product is...