55 matches found
CVE-2013-4804
Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1 allows remote attackers to execute arbitrary code and obtain sensitive information via unknown vectors...
CVE-2013-2366
Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1 allows remote attackers to execute arbitrary code and obtain sensitive information via unknown vectors, aka ZDI-CAN-1802...
Code injection
Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1 allows remote attackers to execute arbitrary code and obtain sensitive information via unknown vectors, aka ZDI-CAN-1802...
Code injection
Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1 allows remote attackers to execute arbitrary code and obtain sensitive information via unknown vectors...
CVE-2013-4804
Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1 allows remote attackers to execute arbitrary code and obtain sensitive information via unknown vectors...
CVE-2013-4804
HP Business Process Monitor (BPM) vulnerable to remote code execution and information disclosure as described for CVE-2013-4804. Affected software versions on Windows are BPM 9.13.1 patch 1 and BPM 9.22 patch 1. The root cause is not explicitly detailed in the description, but the HP Security Bul...
CVE-2013-2366
Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1 allows remote attackers to execute arbitrary code and obtain sensitive information via unknown vectors, aka ZDI-CAN-1802...
CVE-2013-2366
HP BPM vulnerability CVE-2013-2366 affects HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1. The root cause is a flaw in the tp_bpm_admin.exe server (listens on TCP port 2696) that allows remote code execution via a directory traversal in file upload handling. Exploitation is unauthent...
HP Business Process Monitor security vulnerabilities
Information leak, code execution...
[security bulletin] HPSBMU02901 rev.1 - HP Business Process Monitor running on Windows, Remote Execution of Arbitrary Code and Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03844594 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03844594 Version: 1 HPSBMU02901 rev....
Uncover Adobe Reader Sandbox Exceptions
Since version 10 Adobe Reader has included a flavor of the Chrome sandbox. This technology is much better explained here, and in the 4 Adobe specific posts: part1, part2, part3 and part4. But in very few words it works dividing responsibilities in at least 2 processes; the broker and a target. Th...
Design/Logic Flaw
Process Monitor 1.22 does not properly validate certain parameters to System Service Descriptor Table SSDT function handlers, which allows local users to cause a denial of service crash and possibly gain privileges via unspecified kernel SSDT hooks for Windows Native API functions including 1...
CVE-2007-4969
Process Monitor 1.22 does not properly validate certain parameters to System Service Descriptor Table SSDT function handlers, which allows local users to cause a denial of service crash and possibly gain privileges via unspecified kernel SSDT hooks for Windows Native API functions including 1...
CVE-2007-4969
CVE-2007-4969 affects Process Monitor 1.22. The vulnerability stems from improper validation of parameters to System Service Descriptor Table (SSDT) function handlers, enabling local users to crash the system and potentially gain privileges via unspecified kernel SSDT hooks for Windows Native API...
CVE-2007-4969
Process Monitor 1.22 does not properly validate certain parameters to System Service Descriptor Table SSDT function handlers, which allows local users to cause a denial of service crash and possibly gain privileges via unspecified kernel SSDT hooks for Windows Native API functions including 1...