15 matches found
EUVD-2015-4700
Malware in sbrugna...
EUVD-2015-4704
Malware in sbrugna...
Directory traversal
Multiple directory traversal vulnerabilities in Polycom RealPresence Resource Manager aka RPRM before 8.4 allow 1 remote authenticated users to read arbitrary files via a .. dot dot in the Modifier parameter to PlcmRmWeb/FileDownload; or remote authenticated administrators to upload arbitrary fil...
Code injection
Polycom RealPresence Resource Manager aka RPRM before 8.4 allows attackers to obtain sensitive information and potentially gain privileges by leveraging use of session identifiers as parameters with HTTP GET requests...
CVE-2015-4684
Multiple directory traversal vulnerabilities in Polycom RealPresence Resource Manager aka RPRM before 8.4 allow 1 remote authenticated users to read arbitrary files via a .. dot dot in the Modifier parameter to PlcmRmWeb/FileDownload; or remote authenticated administrators to upload arbitrary fil...
CVE-2015-4682
Polycom RealPresence Resource Manager aka RPRM before 8.4 allows remote authenticated users to obtain the installation path via an HTTP POST request to PlcmRmWeb/JConfigManager...
CVE-2015-4685
Polycom RealPresence Resource Manager aka RPRM before 8.4 allows local users with access to the plcm account to gain privileges via a script in /var/polycom/cma/upgrade/scripts, related to a sudo misconfiguration...
CVE-2015-4681
Polycom RealPresence Resource Manager (RPRM) <= 8.3.x is vulnerable to CVE-2015-4681 (and related CVEs) via vectors related to weak passwords, enabling local access with complete impact on confidentiality, integrity, and availability. The SEC Consult advisory reports multiple vulnerabilities a...
Polycom RealPresence Resource Manager Unauthorized Access Vulnerability
RealPresence Resource Manager software is a key component of the Polycom RealPresence platform, a robust device and software optimized for virtual environments. An unauthorized access vulnerability exists in Polycom RealPresence Resource Manager, which could be exploited by an attacker to gain...
SEC Consult SA-20150626-0 :: Critical vulnerabilities in Polycom RealPresence Resource Manager (RPRM) allow surveillance on conferences
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SEC Consult Vulnerability Lab Security Advisory 20150626-0 ======================================================================= title: Critical vulnerabilities allow surveillance on conferences product: Polycom RealPresence Resource Manager RPRM...
Polycom RealPresence Resource Manager multiple security vulnerabilities
Information disclosure, privilege escalation, directory traversal...
Polycom RealPresence Resource Manager < 8.4 - Multiple Vulnerabilities
Exploit for hardware platform in category web applications title: Critical vulnerabilities allow surveillance on conferences product: Polycom RealPresence Resource Manager RPRM vulnerable versions: 8.4 fixed version: 8.4 CVE numbers: CVE-2015-4681, CVE-2015-4682, CVE-2015-4683, CVE-2015-4684...
Polycom RealPresence Resource Manager < 8.4 - Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Critical vulnerabilities allow surveillance on conferences product: Polycom RealPresence Resource Manager RPRM vulnerable...
Polycom RealPresence Resource Manager 8.4 - Multiple Vulnerabilities
Polycom RealPresence Resource Manager 8.4 - Multiple Vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Critical vulnerabilities allow surveillance on...
Polycom RealPresence Resource Manager (RPRM) Disclosure / Traversal
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Critical vulnerabilities allow surveillance on conferences product: Polycom RealPresence Resource Manager RPRM vulnerable...