CVE-2010-1036

HP System Insight Manager (HP SIM) before 6.0 contains CVE-2010-1036, a remote XSS that lets an attacker inject arbitrary web script or HTML via unspecified vectors. The HP security bulletin HPSBMA02525 recommends upgrading to HP SIM 6.0 or later; CVSS v2 base score is cited as 6.8 (AV:N/AC:M/Au:...

CVE-2010-1037

HP System Insight Manager (SIM) running on HP-UX, Linux, and Windows prior to version 6.0 is vulnerable to a CSRF flaw that could allow remote attackers to hijack user sessions. The vulnerability affects SIM components listed in the HP security bulletin (HPSBMA02525 rev.1) and is addressed by upg...

CVE-2010-1037

Cross-site request forgery CSRF vulnerability in HP System Insight Manager before 6.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

CVE-2010-1038

CVE-2010-1038 affects HP System Insight Manager (HPSIM) before version 6.0. It describes an unspecified privilege-escalation vulnerability that could be exploited by remote authenticated users via unknown vectors. The HP security bulletin confirms the issue and recommends upgrading to HP System I...

CVE-2010-1036

Cross-site scripting XSS vulnerability in HP System Insight Manager before 6.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Fedora Update for konq-plugins FEDORA-2010-6096

Check for the Version of konq-plugins OpenVAS Vulnerability Test Fedora Update for konq-plugins FEDORA-2010-6096 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Fedora Update for ikiwiki FEDORA-2010-4933

Check for the Version of ikiwiki OpenVAS Vulnerability Test Fedora Update for ikiwiki FEDORA-2010-4933 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Code injection

Unspecified vulnerability in HP Insight Control for Linux aka IC-Linux or ICE-LX 2.11 and earlier allows local users to gain privileges via unknown vectors...

CVE-2010-1031

Unspecified vulnerability in HP Insight Control for Linux aka IC-Linux or ICE-LX 2.11 and earlier allows local users to gain privileges via unknown vectors...

CVE-2010-1031

CVE-2010-1031 affects HP Insight Control for Linux (IC-Linux/ICE-LX) up to version 2.11. The entry describes an unspecified vulnerability that lets local users gain privileges via unknown vectors. HP’s security bulletin for IC-Linux lists CVE-2010-1031 as a fixed issue and notes that IC-Linux v6....

CVE-2010-1031

Unspecified vulnerability in HP Insight Control for Linux aka IC-Linux or ICE-LX 2.11 and earlier allows local users to gain privileges via unknown vectors...

HP Insight Control for Linux multiple security vulnerabilities

Code execution, privilege escalation...

[security bulletin] HPSBMA02513 SSRT090110 rev.1 - Insight Control for Linux (IC-Linux) Remote Execution of Arbitrary Code, Local Unauthorized Elevation of Privilege

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02062621 Version: 1 HPSBMA02513 SSRT090110 rev.1 - Insight Control for Linux IC-Linux Remote Execution of Arbitrary Code, Local Unauthorized Elevation of Privilege NOTICE: The information in this...

Oracle Java SE and Java for Business 'MixerSequencer' Remote Code Execution Vulnerability

Description Oracle Java SE and Java for Business are prone to a remote code-execution vulnerability affecting the 'Sound' component. Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result...

ZDI-10-032: SAP MaxDB Malformed Handshake Request Remote Code Execution Vulnerability

ZDI-10-032: SAP MaxDB Malformed Handshake Request Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-032 March 16, 2010 -- Affected Vendors: SAP -- Affected Products: SAP MaxDB -- TippingPointTM IPS Customer Protection: TippingPoint IPS customers have been...

HP OpenView Performance Insight code execution

It's possible to upload JSP page to server...

ZDI-10-026: Hewlett-Packard OVPI helpmanager Servlet Remote Code Execution Vulnerability

ZDI-10-026: Hewlett-Packard OVPI helpmanager Servlet Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-026 March 9, 2010 -- CVE ID: CVE-2010-0447 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Performance Insight --...

[security bulletin] HPSBMA02489 SSRT090065 rev.1 - HP Performance Insight , Remote Execution of Arbitrary Commands

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02033170 Version: 1 HPSBMA02489 SSRT090065 rev.1 - HP Performance Insight , Remote Execution of Arbitrary Commands NOTICE: The information in this Security Bulletin should be acted upon as soon a...

CVE-2010-0447

The helpmanager servlet in the web server in HP OpenView Performance Insight OVPI 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbitrary commands via vectors involving upload of a JSP document...

Design/Logic Flaw

The helpmanager servlet in the web server in HP OpenView Performance Insight OVPI 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbitrary commands via vectors involving upload of a JSP document...