EUVD-2006-6579

Malware in sbrugna...

Hilgraeve HyperAccess 8.4 - Multiple Remote Command Execution Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/21594/info Hilgraeve HyperACCESS is prone to multiple remote command-execution vulnerabilities. Attackers can exploit these issues to execute arbitrary application commands with the privileges of the affected application....

Hyper Access多个远程安全漏洞

yperACCESS是HyperTerminal的官方升级，可为用户提供终端通讯解决方案。 HyperAccess中存在两个安全漏洞： 通过打开.HAW文件执行命令 HyperAccess将会话保存为.haw文件，可通过注册表中设置的editflags未经用户交互便打开这些扩展名： HKEYCLASSESROOT\HAWin32\EditFlags. 如果Internet Explorer用户浏览了包含有.HAW的站点，就会强制执行自动下载并由所安装的HyperAccess打开并解析文件。 通过Telnet URL协议执行命令 HyperAccess可通过将以下注册表项：...

CVE-2006-6597

Argument injection vulnerability in HyperAccess 8.4 allows user-assisted remote attackers to execute arbitrary vbscript and commands via the /r option in a telnet:// URI, which is configured to use hawin32.exe...

CVE-2006-6596

HyperAccess 8.4 allows user-assisted remote attackers to execute arbitrary vbscript and commands via a session HAW file, which can be automatically opened using Internet Explorer...

CVE-2006-6596

HyperAccess 8.4 is affected: a user‑assisted remote vulnerability where a session (HAW) file can be automatically opened by Internet Explorer, allowing arbitrary vbscript and commands execution. The CVSS indicates NETWORK attack vector, medium complexity, no authentication, with partial impacts t...

CVE-2006-6597

Argument injection vulnerability in HyperAccess 8.4 allows user-assisted remote attackers to execute arbitrary vbscript and commands via the /r option in a telnet:// URI, which is configured to use hawin32.exe...

CVE-2006-6597

CVE-2006-6597 affects HyperAccess 8.4. An argument-injection vulnerability lets user-assisted remote attackers run arbitrary vbscript and commands via the /r option in a telnet:// URI configured to use hawin32.exe. The NVD entry assigns a CVSSv2 base score of 6.8 (Network, Medium complexity, no a...

CVE-2006-6596

HyperAccess 8.4 allows user-assisted remote attackers to execute arbitrary vbscript and commands via a session HAW file, which can be automatically opened using Internet Explorer...

PT-2006-7199 · Hyperaccess · Hyperaccess

Name of the Vulnerable Software and Affected Versions: HyperAccess version 8.4 Description: The issue allows user-assisted remote attackers to execute arbitrary vbscript and commands. This is achieved via the /r option in a telnet:// URI, which is configured to use hawin32.exe. Recommendations: F...

Hilgraeve HyperAccess 8.4 - Multiple Remote Command Execution Vulnerabilities

Hilgraeve HyperAccess 8.4 - Multiple Remote Command Execution Vulnerabilities source: https://www.securityfocus.com/bid/21594/info Hilgraeve HyperACCESS is prone to multiple remote command-execution vulnerabilities. Attackers can exploit these issues to execute arbitrary application commands with...

Hilgraeve HyperAccess 8.4 - Multiple Remote Command Execution Vulnerabilities

source: https://www.securityfocus.com/bid/21594/info Hilgraeve HyperACCESS is prone to multiple remote command-execution vulnerabilities. Attackers can exploit these issues to execute arbitrary application commands with the privileges of the affected application. A successful exploit could result...

HyperAccess - Multiple Vulnerabilities

Not long now... ======================================================================== = Hyper Access - Multiple Vulnerabilities = = Vendor Website: = http://www.hilgraeve.com = = Affected Software: = Hyper Access 8.4 and possibly lower = = Public disclosure on Thursday December 14, 2006...

Multiple HyperAccess telnet / ssh terminal security vulnerabilities

Code execution with .HAW files and telnet: protocol handler...