Microsoft Windows Kernel 'Win32k.sys' CVE-2013-1333 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a buffer-overflow error. A local attacker can exploit this issue to escalate privileges and perform unauthorized actions. Technologies Affected Avaya CallPilot 4.0 Avaya...
Microsoft Internet Explorer JSON Array CVE-2013-1297 Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Internet Explorer 6, 7, and 8 are vulnerable. Technologies Affected Avaya Aura Conferencing Standard Avaya...
Microsoft Internet Explorer CVE-2013-1307 Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Windows DirectX Graphics Kernel CVE-2013-1332 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that is related to DirectX Graphics Kernel Subsystem. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of...
Fedora Update for plexus-archiver FEDORA-2013-5548
Check for the Version of plexus-archiver. OpenVAS Vulnerability Test: Fedora Update for plexus-archiver FEDORA-2013-5548. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...
[SECURITY] Fedora 19 Update: plexus-archiver-2.3-1.fc19
The Plexus project seeks to create end-to-end developer tools for writing applications. At the core is the container, which can be embedded or for a full scale application server. There are many reusable components for hibernate, form processing, jndi, i18n, velocity, etc. Plexus also includes an...
[SECURITY] Fedora 18 Update: plexus-archiver-2.3-1.fc18
The Plexus project seeks to create end-to-end developer tools for writing applications. At the core is the container, which can be embedded or for a full scale application server. There are many reusable components for hibernate, form processing, jndi, i18n, velocity, etc. Plexus also includes an...
[SECURITY] Fedora 17 Update: plexus-archiver-2.3-1.fc17
The Plexus project seeks to create end-to-end developer tools for writing applications. At the core is the container, which can be embedded or for a full scale application server. There are many reusable components for hibernate, form processing, jndi, i18n, velocity, etc. Plexus also includes an...
Trellix ePolicy Orchestrator Application Server Detection
ePolicy Orchestrator (ePO) Application Server, a web interface for ePO, was detected on the remote host. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(66318); script_version("1.11"); script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/14");...
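JBoss 4.2.0 JMXInvoker Code Execution Vulnerability
JBoss is an open-source application server based on J2EE. Version 4.2.0 enables JMXInvoker by default, and an attacker can use JMXInvoker to deploy a WAR, thereby remotely deploying malicious code. JBoss 4.2.0...
JBoss 4.2.0 WebConsole/Invoker Code Execution Vulnerability
JBoss is an open-source application server based on J2EE. Version 4.2.0 enables WebConsole, and an attacker can use WebConsole/Invoker to deploy a WAR, thereby remotely deploying malicious code. JBoss 4.2.0...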
CVE-2013-0543
IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 on Linux, Solaris, and HP-UX, when a Local OS registry is used, does not properly validate user accounts, which allows remote attackers to bypass intended access restrictions...
CVE-2013-0565
Cross-site scripting (XSS) vulnerability in the RPC adapter for the Web 2.0 and Mobile toolkit in IBM WebSphere Application Server (WAS) 8.5 before 8.5.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted response...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 allows remote attackers to inject arbitrary web script or HTML via crafted field values...
Directory traversal
Directory traversal vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 on Linux and UNIX allows remote authenticated users to modify data via unspecified vectors...
Authentication flaw
IBM WebSphere Application Server (WAS) Liberty Profile 8.5 before 8.5.0.2, when SSL is not enabled, does not properly validate authentication cookies, which allows remote authenticated users to bypass intended access restrictions via an HTTP session...
Design/Logic Flaw
IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 on Linux, Solaris, and HP-UX, when a Local OS registry is used, does not properly validate user accounts, which allows remote attackers to bypass intended access restrictions...
Buffer overflow
Buffer overflow in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 on Windows, when a localOS registry is used in conjunction with WebSphere Identity Manager (WIM), allows local users to cause a denial of service (daemon crash)...
CVE-2013-0540
CVE-2013-0540 : IBM WebSphere Application Server Liberty Profile 8.5 before 8.5.0.2 has an authentication cookie validation flaw when SSL is not enabled, allowing remote authenticated users to bypass access controls via an HTTP session. The connected IBM advisories indicate the remediation is to ...
CVE-2013-0543
CVE-2013-0543 affects IBM WebSphere Application Server (WAS) across 6.1 (pre-6.1.0.47), 7.0 (pre-7.0.0.29), 8.0 (pre-8.0.0.6), and 8.5 (pre-8.5.0.2) on Linux, Solaris, and HP-UX. Root cause: improper validation of a user via Local OS registries allows remote bypass of access controls. Remediation...