
155 matches found

Prion
added 2007/07/15 9:30 p.m. | 16 views

Heap overflow

Heap-based buffer overflow in mprosrv.exe in Progress Software Progress 9.1E and OpenEdge 10.1x, as used by the RSA Authentication Manager 6.0 and 6.1, SecurID Appliance 2.0, ACE/Server 5.2, and possibly other products, allows remote attackers to execute arbitrary code via crafted packets. NOTE:...

CVSS 10 | AI score 8.5 | EPSS 0.16199
Exploits 0 | References 10 | Affected Software 3
NVD
added 2007/07/15 9:30 p.m. | 16 views

CVE-2007-2417

Heap-based buffer overflow in mprosrv.exe in Progress Software Progress 9.1E and OpenEdge 10.1x, as used by the RSA Authentication Manager 6.0 and 6.1, SecurID Appliance 2.0, ACE/Server 5.2, and possibly other products, allows remote attackers to execute arbitrary code via crafted packets. NOTE:...

CVSS 10 | AI score 8.1 | EPSS 0.16199
Exploits 0 | References 10
Cvelist
added 2007/07/15 9:0 p.m. | 26 views

CVE-2007-2417

Heap-based buffer overflow in mprosrv.exe in Progress Software Progress 9.1E and OpenEdge 10.1x, as used by the RSA Authentication Manager 6.0 and 6.1, SecurID Appliance 2.0, ACE/Server 5.2, and possibly other products, allows remote attackers to execute arbitrary code via crafted packets. NOTE:...

AI score 8.1 | EPSS 0.16199
Exploits 0 | References 10
CVE
added 2007/07/15 9:0 p.m. | 57 views

CVE-2007-2417

CVE-2007-2417 concerns a heap-based overflow in Progress OpenEdge’s Progress server component _mprosrv.exe. The vulnerability affects Progress OpenEdge 9.1E and 10.1x (via the Progress server) and can be triggered by crafted TCP packets received on the server, leading to potential remote code exe...

CVSS 10 | AI score 8.1 | EPSS 0.16199
Exploits 0 | References 10 | Affected Software 3
securityvulns
added 2007/07/13 12:0 a.m. | 68 views

[Full-disclosure] TPTI-07-12: Multiple Vendor Progress Server Heap Overflow Vulnerability

TPTI-07-12: Multiple Vendor Progress Server Heap Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-07-12.html July 12, 2007 -- CVE ID: CVE-2007-2417 -- Affected Vendor: Progress Software -- Affected Products: RSA Authentication Manager Progress Database -- TippingPoint™ IPS...

CVSS 10 | AI score 1.5 | EPSS 0.16199
Exploits 0
NVD
added 2007/06/29 6:30 p.m. | 20 views

CVE-2007-3491

Buffer overflow in mprosrv in Progress Software OpenEdge before 9.1E0422, and 10.x before 10.1B01, allows remote attackers to have an unknown impact via a malformed TCP/IP message...

CVSS 7.5 | AI score 6.9 | EPSS 0.02517
Exploits 0 | References 6
Prion
added 2007/06/29 6:30 p.m. | 20 views

Buffer overflow

Buffer overflow in mprosrv in Progress Software OpenEdge before 9.1E0422, and 10.x before 10.1B01, allows remote attackers to have an unknown impact via a malformed TCP/IP message...

CVSS 7.5 | AI score 7.2 | EPSS 0.02517
Exploits 0 | References 6 | Affected Software 1
Cvelist
added 2007/06/29 6:0 p.m. | 19 views

CVE-2007-3491

Buffer overflow in mprosrv in Progress Software OpenEdge before 9.1E0422, and 10.x before 10.1B01, allows remote attackers to have an unknown impact via a malformed TCP/IP message...

AI score 6.9 | EPSS 0.02517
Exploits 0 | References 6
CVE
added 2007/06/29 6:0 p.m. | 44 views

CVE-2007-3491

CVE-2007-3491 concerns a buffer overflow in Progress OpenEdge’s _mprosrv (before 9.1E0422 and before 10.1B01 for 10.x) that can be triggered by a malformed TCP/IP message. The available documents identify the affected component (_mprosrv.exe) and the vulnerable versions, with a remote-access vec...

CVSS 7.5 | AI score 7 | EPSS 0.02517
Exploits 0 | References 6 | Affected Software 1
NVD
added 2007/05/04 1:19 a.m. | 20 views

CVE-2007-2506

WebSpeed 3.x in OpenEdge 10.x in Progress Software Progress 9.1e, and certain other 9.x versions, allows remote attackers to cause a denial of service (infinite loop and daemon hang) via a messenger URL that invokes edit.r with no additional parameters, as demonstrated by requests for cgiip.exe or...

CVSS 7.8 | AI score 6.7 | EPSS 0.03967
Exploits 1 | References 7
Prion
added 2007/05/04 1:19 a.m. | 15 views

Code injection

WebSpeed 3.x in OpenEdge 10.x in Progress Software Progress 9.1e, and certain other 9.x versions, allows remote attackers to cause a denial of service (infinite loop and daemon hang) via a messenger URL that invokes edit.r with no additional parameters, as demonstrated by requests for cgiip.exe or...

CVSS 7.8 | AI score 7.3 | EPSS 0.03967
Exploits 1 | References 7 | Affected Software 2
CVE
added 2007/05/04 1:0 a.m. | 51 views

CVE-2007-2506

This CVE concerns WebSpeed 3.x in OpenEdge 10.x in Progress Software Progress 9.1e and some 9.x variants. The vulnerability allows remote attackers to cause a denial of service (infinite loop and daemon hang) by requesting a messenger URL that calls _edit.r with no additional parameters, demonstr...

CVSS 7.8 | AI score 6.7 | EPSS 0.03967
Exploits 1 | References 7 | Affected Software 2
securityvulns
added 2002/05/03 12:0 a.m. | 47 views

latest Progress patch has suid issues AGAIN.

Progress 9.1C11 Patch date 2002/04/26 http://www.progress.com/patches/patchlst/91C-178v.htm Once again by ignoring my warnings and suggestions and even offers to audit code prior to release for the public, Progress Software has happened upon a security hole. If you will recall from last month...

AI score 8.1
Exploits 0
securityvulns
added 2002/05/03 12:0 a.m. | 43 views

Multiple buffer overflows in Progress

Multiple buffer overflows, format string bugs, etc...

AI score 2.8
Exploits 0 | References 5 | Affected Software 1
securityvulns
added 2002/03/25 12:0 a.m. | 41 views

Progress Software suid overflows again.

Yet another b0f in progress software due to pstcopy Progress Software corp. http://www.progress.com STILL can't seem to validate user input... this is in their latest patch level for Progress 9.1C 91C09.tar.Z root@localhost bin cat ../version echo PROGRESS PATCH Version 9.1C09 as of February 26,...

AI score 1.1
Exploits 0