21 matches found
EUVD-2001-0512
Malware in sbrugna...
EUVD-2008-5503
Malware in sbrugna...
EUVD-2001-0513
Malware in sbrugna...
EUVD-2001-0514
Malware in sbrugna...
CVE-2008-5528
Aladdin eSafe 7.0.17.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header aka "EXE info" at the beginning, and modifying the filename to have 1 no extension, 2 a .txt extension, or 3 a .jpg extension, as...
Design/Logic Flaw
Aladdin eSafe 7.0.17.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header aka "EXE info" at the beginning, and modifying the filename to have 1 no extension, 2 a .txt extension, or 3 a .jpg extension, as...
CVE-2008-5528
Aladdin eSafe 7.0.17.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header aka "EXE info" at the beginning, and modifying the filename to have 1 no extension, 2 a .txt extension, or 3 a .jpg extension, as...
CVE-2008-5528
CVE-2008-5528 describes a bypass of malware detection in HTML documents when using Internet Explorer 6/7, by prepending an MZ header (“EXE info”) and renaming the document’s filename to have no extension, .txt, or .jpg. Connected documents (e.g., CVE-2006-5745) confirm the same pattern affecting ...
CVE-2003-1449
Aladdin Knowlege Systems eSafe Gateway 3.5.126.0 does not check the entire stream of Content Vectoring Protocol CVP data, which allows remote attackers to bypass virus protection...
CVE-2001-0520
Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent filtering of SCRIPT tags by embedding the scripts within certain HTML tags including 1 onload in the BODY tag, 2 href in the A tag, 3 the BUTTON tag, 4 the INPUT tag, or 5 any other tag in which scripts can be...
CVE-2001-0521
Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent HTML SCRIPT filtering via the UNICODE encoding of SCRIPT tags within the HTML document...
CVE-2001-0519
Aladdin eSafe Gateway versions 2.x allows a remote attacker to circumvent HTML SCRIPT filtering via a special arrangement of HTML tags which includes SCRIPT tags embedded within other SCRIPT tags...
CVE-2001-0520
CVE-2001-0520 affects Aladdin eSafe Gateway versions 3.0 and earlier. The vulnerability allows a remote attacker to bypass filtering of SCRIPT tags by embedding scripts within certain HTML constructs (e.g., onload in BODY, href in A, BUTTON, INPUT, or other tag-defined scripts). The NVD entry lis...
CVE-2001-0521
CVE-2001-0521 affects Aladdin eSafe Gateway versions 3.0 and earlier. The issue allows a remote attacker to bypass the gateway’s HTML SCRIPT filtering by using Unicode-encoded SCRIPT tags within the HTML document. This describes a filtering bypass in the web gateway; the documents do not provide ...
CVE-2001-0519
Aladdin eSafe Gateway versions 2.x allows a remote attacker to circumvent HTML SCRIPT filtering via a special arrangement of HTML tags which includes SCRIPT tags embedded within other SCRIPT tags...
CVE-2001-0520
Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent filtering of SCRIPT tags by embedding the scripts within certain HTML tags including 1 onload in the BODY tag, 2 href in the A tag, 3 the BUTTON tag, 4 the INPUT tag, or 5 any other tag in which scripts can be...
CVE-2001-0519
Aladdin eSafe Gateway versions 2.x are affected by CVE-2001-0519: a remote attacker can bypass HTML SCRIPT filtering through a crafted HTML sequence that nests SCRIPT tags within other SCRIPT tags. This is the vulnerability described in NVD/NVD-derived records, with a CVSS v2 base score of 7.5 (N...
CVE-2001-0521
Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent HTML SCRIPT filtering via the UNICODE encoding of SCRIPT tags within the HTML document...
Aladdin eSafe Gateway Script-filtering Bypass through Unicode Vulnerability
29 May 2001 This is the third of 3 sequential advisories we are issuing regarding Aladdin eSafe Gateway. Status -------- The entire content of this advisory was reviewed and acknowledged by Aladdin. Product Background -------------------------- eSafe Gateway is an Internet Content Security produc...
Дырка в Aladdin eSafe Gateway (mutiple vulnerabilities)
Различные проблемы позволяют обойти защиту...