304 matches found
Hummingbird < 3.3.2 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitise and escape the Config Name, which could allow high-privilege users, such as admins, to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. PoC: Go to Hummingbird's Settings Configs, edit the "Name and Description" and put the followi...
WordPress Hummingbird plugin <= 3.3.1 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting (XSS) vulnerability discovered by Taurus Omar in WordPress Hummingbird plugin versions <= 3.3.1. Solution: Update the WordPress Hummingbird plugin to the latest available version (at least 3.3.2)...
Hummingbird Connectivity 10 SP5 LPD Buffer Overflow
No description provided by source. $Id: hummingbirdexceed.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms ...
Hummingbird HostExplorer 6.2/8.0 ActiveX Control 'PlainTextPassword()' Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31783/info Hummingbird HostExplorer ActiveX control is prone to a buffer-overflow vulnerability because the application fails to adequately check boundaries on user-supplied input. An attacker can exploit this issue to...
Hummingbird Deployment Wizard 10 'DeployRun.dll' ActiveX Control Multiple Security Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/31799/info Hummingbird Deployment Wizard 10 ActiveX control is prone to multiple vulnerabilities that attackers can exploit to run arbitrary code. The issues stem from insecure methods used within 'DeployRun.dll'. An...
Hummingbird Collaboration - Crafted URL File Property Obscuration Download
No description provided by source. source: http://www.securityfocus.com/bid/16195/info Hummingbird Enterprise Collaboration is prone to multiple vulnerabilities. The following specific issues were identified: The application reportedly allows remote attackers to upload arbitrary HTML files and...
Hummingbird <= 13.0 ActiveX Remote Buffer Overflow PoC
No description provided by source. <html> <!-- the latest version of this activex 13.0 is compiled with /gs, earlier versions aren't. The XXXX would have overwritten return address. by [email protected] --> <object classid='clsid:FFB6CC68-702D-4FE2-A8E7-4DE23835F0D2' id='target'></object> <script...
Hummingbird Collaboration Application Cookie Internal Network Information Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/16195/info Hummingbird Enterprise Collaboration is prone to multiple vulnerabilities. The following specific issues were identified: The application reportedly allows remote attackers to upload arbitrary HTML files and...
EMC Documentum eRoom Indexing Server Hummingbird Client Connector Buffer Overflow
The Hummingbird Client Connector, bundled with EMC Documentum eRoom's Indexing Server, has a buffer overflow vulnerability. Making an unspecified request can result in a stack-based buffer overflow. A remote, unauthenticated attacker could exploit this to execute arbitrary code. Documentum eRoom...
CVE-2011-1741
Stack-based buffer overflow in ftserver.exe in the OpenText Hummingbird Client Connector, as used in the Indexing Server in EMC Documentum eRoom 7.x before 7.4.3.f and other products, allows remote attackers to execute arbitrary code by sending a crafted message over TCP...
Stack overflow
Stack-based buffer overflow in ftserver.exe in the OpenText Hummingbird Client Connector, as used in the Indexing Server in EMC Documentum eRoom 7.x before 7.4.3.f and other products, allows remote attackers to execute arbitrary code by sending a crafted message over TCP...
CVE-2011-1741
CVE-2011-1741 affects EMC Documentum eRoom’s Indexing Server via the bundled HummingBird Client Connector (ftserver.exe). A stack-based buffer overflow occurs when parsing a crafted TCP packet, which could allow a remote, unauthenticated attacker to execute arbitrary code on the server. Affected...
EMC Documentum eRoom Indexing Server OpenText HummingBird Connector Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Documentum eRoom Indexing Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the bundled implementation of OpenText's HummingBird Connector...
EMC Documentum eRoom
HummingBird Client Connector buffer overflow and code execution...
ESA-2011-022: EMC Documentum eRoom Indexing Server HummingBird Client Connector Buffer Overflow Vulnerability
ESA-2011-022: EMC Documentum eRoom Indexing Server HummingBird Client Connector Buffer Overflow Vulnerability EMC Identifier: ESA-2011-022 CVE Identifier: CVE-2011-1741 Severity Rating: CVSS v2 Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Affected...
ZDI-11-236: EMC Documentum eRoom Indexing Server OpenText HummingBird Connector Remote Code Execution Vulnerability
ZDI-11-236: EMC Documentum eRoom Indexing Server OpenText HummingBird Connector Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-236 July 18, 2011 -- CVE ID: CVE-2011-1741 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: EMC -- Affected Products:...
Hummingbird Connectivity 10 SP5 - LPD Buffer Overflow (Metasploit)
$Id: hummingbirdexceed.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Hummingbird InetD LPD Component Buffer Overflow (CVE-2005-1815)
The Hummingbird InetD product provides Microsoft Windows PC platform users with some of the functionality of a UNIX host. The product provides server functions for TCP/IP based applications, enabling connectivity among Windows PCs and Unix hosts. A buffer overflow vulnerability exists in the LPD...
Hummingbird Connectivity 10 SP5 LPD Buffer Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Hummingbird...