163 matches found
CVE-2011-1859
CVE-2011-1859 affects HP Service Manager (versions 7.02, 7.11, 9.20, 9.21) and HP Service Center 6.2.8. The HP Security Bulletin SEC-HP (HPSBMA02674) documents remote disclosure of privileged information and related flaws (including unauthorized remote access) in the Web Tier/Web components, with...
CVE-2011-1858
Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows local users to bypass intended access restrictions via unknown vectors...
CVE-2011-1859
Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to obtain sensitive information via unknown vectors...
CVE-2011-1857
Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote authenticated users to bypass intended access restrictions via unknown vectors...
CVE-2011-1861
The CVE-2011-1861 entry concerns HP Service Manager (versions 7.02, 7.11, 9.20, 9.21) and HP Service Center 6.2.8. The connected HP security bulletin documents the vulnerabilities as enabling unauthorized remote access and related issues, with CVSS v2 base score 8.3 (high) and impact to confident...
CVE-2011-1861
Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to modify data or obtain sensitive information via unknown vectors...
CVE-2011-1862
Cross-site scripting XSS vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2011-1863
HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allow remote authenticated users to conduct unspecified script injection attacks via unknown vectors...
CVE-2011-1862
CVE-2011-1862 is an XSS vulnerability in HP Service Manager (versions 7.02, 7.11, 9.20, 9.21) and HP Service Center 6.2.8. The underlying issue is a cross-site scripting flaw allowing injection of arbitrary web script/HTML via unspecified vectors. The HP security bulletin HPSBMA02674 rev.1 docume...
CVE-2011-1860
Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to capture HTTP session credentials via unknown vectors...
CVE-2011-1858
HP Service Manager and HP Service Center are affected by multiple vulnerabilities including CVE-2011-1858 (Unsecured Local Access) that allow local users to bypass access restrictions. Affected versions: SM 9.21, 9.20, 7.11, 7.02 and SC 6.2.8. The HP Security Bulletin HPSBMA02674 rev.1 documents ...
CVE-2011-1863
CVE-2011-1863 concerns HP Service Manager (versions 7.02, 7.11, 9.20, 9.21) and HP Service Center (v6.2.8). The connected documents confirm a remote-authenticated script-injection vulnerability affecting the Web/Web Tier components, with HP’s Security Bulletin detailing multiple related CVEs and ...
[security bulletin] HPSBMA02674 SSRT100487 rev.1 - HP Service Manager and HP Service Center, Unauthorized Remote Access, Unsecured Local Access, Remote Disclosure of Privileged Information, HTTP Session Credential Re-use, Cross Site Scripting (XS
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02863015 Version: 1 HPSBMA02674 SSRT100487 rev.1 - HP Service Manager and HP Service Center, Unauthorized Remote Access, Unsecured Local Access, Remote Disclosure of Privileged Information, HTTP...
Native Instruments Service Center 2.2.5 Local Privilege Escalation
Exploit for windows platform in category local exploits ================================================================== Native Instruments Service Center 2.2.5 Local Privilege Escalation ================================================================== Vendor: Native Instruments GmbH Product...
Native Instruments Service Center 2.2.5 Insecure Library Loading
/ Native Instruments Service Center 2.2.5 Insecure Library Loading Vulnerability Vendor: Native Instruments GmbH Product web page: http://www.native-instruments.com Affected version: 2.2.5 R596 Summary: The NI Service Center is a service used for Product Activation. Desc: The Service Center suffe...
Native Instruments Service Center 2.2.5 Insecure Library Loading Vulnerability
Summary The NI Service Center is a service used for Product Activation. Description The Service Center suffers from a DLL hijacking vulnerability, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused due to the application insecurely loading certain...
Native Instruments Service Center 2.2.5 - Local Privilege Escalation
Native Instruments Service Center 2.2.5 Local Privilege Escalation Vulnerability Vendor: Native Instruments GmbH Product web page: http://www.native-instruments.com Affected version: 2.2.5 R596 Summary: The NI Service Center is a service used for Product Activation. Desc: The Native Instruments's...
Native Instruments (Multiple Products) - DLL Loading Arbitrary Code Execution
// source: https://www.securityfocus.com/bid/44989/info Multiple products from Native Instruments are prone to multiple vulnerabilities that let attackers execute arbitrary code. An attacker can exploit these issues by enticing a legitimate user to use a vulnerable application to open a file from...
HP Deskjet 6800 Cross Site Scripting
A Cross-site scripting input validation error has been identified in the web interface of the HP Deskjet 6800 printer family. By sending a string such as alert"found XSS on this page" via a POST request to /refreshrate.htm the resulting error page will execute the script. Verified on Deskjet 6840...
HP Deskjet 6800 XSS in Web Interface
A Cross-site scripting input validation error has been identified in the web interface of the HP Deskjet 6800 printer family. By sending a string such as scriptalert"found XSS on this page"/script via a POST request to /refreshrate.htm the resulting error page will execute the script. Verified on...