CVE-2011-0732
Technical details for CVE-2011-0732 are not publicly available in the provided documents. Monitor for updates from official advisories; current sources reiterate unknown impact and bundled WebSphere issues without specific vulnerability vectors or fixes.
CA ARCserve D2D Axis2 default password
Added: 01/26/2011; CVE: CVE-2010-0219; BID: 45625; OSVDB: 70233
Background: CA ARCserve D2D is a disk-based backup solution.
Problem: CA ARCserve D2D deploys Axis2 with default credentials which can be used to gain unauthorized access to the web application server. By then uploading a specially crafte...
IBM WebSphere Application Server Multiple Vulnerabilities
IBM WebSphere Application Server (WAS) is prone to an information-disclosure vulnerability and to a cross-site scripting vulnerability. This issue affects WAS 6.1 before 6.1.0.35 and 7.0 before 7.0.0.15. OpenVAS Vulnerability Test $Id: gbibmwas45800.nasl 7015 2017-08-28 11:51:24Z teissa $ IBM...
IBM WebSphere Application Server Multiple Vulnerabilities (Jan 2011)
IBM WebSphere Application Server is prone to an information disclosure vulnerability and a cross-site scripting (XSS) vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...
CVE-2011-0315
Cross-site scripting (XSS) vulnerability in the Servlet Engine / Web Container component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.15 allows remote attackers to inject arbitrary web script or HTML via vectors related to the lack of an error page for an...
Design/Logic Flaw
The Administrative Console component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.15 does not properly restrict access to console servlets, which allows remote attackers to obtain potentially sensitive status information via a direct request...
CVE-2011-0316
The CVE-2011-0316 entry affects IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.35 and 7.0 prior to 7.0.0.15. The Administrative Console component does not properly restrict access to console servlets, allowing remote attackers to obtain potentially sensitive status information via a di...
Microsoft Data Access Components Data Source Name Buffer Overflow Vulnerability
Description: Microsoft Data Access Components (MDAC) are prone to a buffer-overflow vulnerability because they fail to properly bounds-check user-supplied data. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will...
Microsoft Windows 'CreateSizedDIBSECTION()' Thumbnail View Stack Buffer Overflow Vulnerability
Description: Microsoft Windows is prone to a remote stack-based buffer-overflow vulnerability in the Windows Graphics Rendering Engine because the software fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting user to open a...
Security Best Practice: Blocking Citrix ICA Session Sharing (Seamless Window) Vulnerabilities
Independent Computing Architecture (ICA) is a proprietary protocol for an application server system, designed by Citrix Systems. The protocol lays down a specification for passing data between server and clients. ICA is broadly similar in purpose to window servers such as the X Window System. It al...
Access Control Security Bypass Vulnerability in Interstage Application Server
Overview: Interstage Application Server has an access control security bypass vulnerability which could allow an attacker to access and execute a request from the IP address that should be denied.
Impact: A remote attacker could access and execute a request from the IP address that should be denied...
Interstage Application Server Information Disclosure Vulnerability
Overview: Interstage Application Server has an information disclosure vulnerability when used in a J2EE environment.
Impact: By taking the specific steps, a remote attacker could access the files and directories in the server to which J2EE applications are deployed, and the confidential information...
Microsoft Windows OpenType Font (OTF) Driver Double-Free Remote Code Execution Vulnerability
Description: Microsoft Windows is prone to a remote code-execution vulnerability that affects the OpenType Font (OTF) driver. An attacker can exploit this issue to execute arbitrary code in kernel mode. Successful exploits will completely compromise an affected computer. Failed attempts will result ...
Microsoft Windows 'Win32k.sys' Double Free Local Privilege Escalation Vulnerability
Description: Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the 'Win32k.sys' Windows kernel-mode driver. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromi...
Microsoft Windows CVE-2010-3944 'Win32k.sys' Local Privilege Escalation Vulnerability
Description: Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the 'Win32k.sys' Windows kernel-mode driver. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromi...
Microsoft Windows CVE-2010-3941 'Win32k.sys' Double Free Local Privilege Escalation Vulnerability
Description: Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the 'Win32k.sys' Windows kernel-mode driver. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromi...
Microsoft Internet Explorer Select HTML Element Use-After-Free Memory Corruption Vulnerability
Description: Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions.
Technologies Affected: Avaya Au...
Microsoft Windows OpenType Font (OTF) Driver CMAP Table Remote Code Execution Vulnerability
Description: Microsoft Windows is prone to a remote code-execution vulnerability that affects the OpenType Font (OTF) driver. An attacker can exploit this issue to execute arbitrary code in kernel mode. Successful exploits will completely compromise an affected computer. Failed attempts will result ...