CVE-2023-3527

CVE-2023-3527 concerns the Avaya Call Management System (CMS) Supervisor web app. The issue is a CSV injection vulnerability where an admin user can input crafted data that, when exported to a CSV file and opened in spreadsheet software (e.g., Excel), may trigger arbitrary command execution on th...

CVE-2018-15615 CMS Supervisor Information Disclosure

A vulnerability in the Supervisor component of Avaya Call Management System allows local administrative user to extract sensitive information from users connecting to a remote CMS host. Affected versions of CMS Supervisor include R17.0.x and R18.0.x...

CVE-2018-15615

A vulnerability in the Supervisor component of Avaya Call Management System allows local administrative user to extract sensitive information from users connecting to a remote CMS host. Affected versions of CMS Supervisor include R17.0.x and R18.0.x...

Oracle Java SE Rhino Script Engine Remote Code Execution Vulnerability

Description Oracle Java SE is prone to a remote code-execution vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. This issue affects the 'Scripting' sub-component. This vulnerability affects the following supported versions: JDK and JRE 7, 6...

Sun Solaris ip(7P)实现拒绝服务漏洞

BUGTRAQ ID: 33550 CVE ID：CVE-2009-0480 CNCVE ID：CNCVE-20090480 Sun Solaris是一款商业性质的操作系统。 Sun Solaris IP7pInternet协议相关最小号分配的实现存在安全问题，本地攻击者可以利用漏洞分配大量套接字而导致32位应用程序触发拒绝服务攻击。 目前没有详细漏洞细节提供。 Sun Solaris 9x86 Sun Solaris 9 Sun Solaris 8x86 Sun Solaris 8 Sun Solaris 10x86 Sun Solaris 10 Sun OpenSolaris bui...

Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities

Description Sun Java Runtime Environment and Java Development Kit are prone to multiple security vulnerabilities. Successful exploits may allow attackers to violate the same-origin policy, obtain sensitive information, bypass security restrictions, run untrusted applets with elevated privileges,...

Sun Solaris Text Editors Command Execution Vulnerability

Sun Solaris text editors are prone to a command-execution vulnerability. An attacker may leverage this issue to execute arbitrary commands with the privileges of another user on the affected computer. Sun Solaris 8, 9, and 10 are affected. Sun Solaris 9x86 Update 2 Sun Solaris 9 Sun Solaris 8x86...

Sun Solaris 'namefs' Kernel Local Privilege Escalation Vulnerability

Sun Solaris也容易给当地的特权升级的漏洞。 本地攻击者可以利用这个问题上执行任意代码与内核级的特权。成功利用这个问题将导致被完全控制。 Sun Solaris 9x86 Sun Solaris 9 Sun Solaris 8x86 Sun Solaris 8 Sun Solaris 10.0x86 Sun Solaris 10.0 Avaya Interactive Response 3.0 Avaya Interactive Response 2.0 Avaya CMS Server 13.0 Avaya CMS Server 14.1 Avaya CMS Server 14...

Sun Solaris 'snoop(1M)' Utility Multiple Remote Vulnerabilities

The Solaris 'snoop1M' network utility is prone to multiple remote vulnerabilities, including: - Multiple stack-based buffer-overflow vulnerabilities - Multiple format-string vulnerabilities Exploiting these issues will allow attackers to execute arbitrary code with the privileges of the 'nobody'...

Sun Solaris Platform Information and Control Library picld(1M) Local Denial of S

The Sun Solaris Platform Information and Control Library daemon 'picld1M' is prone to a local denial-of-service vulnerability. A local unprivileged attacker can exploit this issue to disable system monitoring and prevent proper operations of certain system utilities, resulting in a...

Microsoft MFC Embedded OLE Object Remote Code Execution Vulnerability

Description The Microsoft MFC component for Microsoft Windows and Microsoft Visual Studio .NET is prone to a remote code-execution vulnerability. This issue occurs when the application using the component attempts to parse malformed Rich Text Files RTF. An attacker could exploit this issue by...

Windows Media Player ASX PlayList File Heap Overflow Vulnerability

Description Windows Media Player is prone to a heap-overflow issue. Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the affected user. Failed exploit attempts likely result in application crashes. Technologies Affected Avaya Agent...

[SA19716] Avaya CMS / IR "/proc" Denial of Service

TITLE: Avaya CMS / IR "/proc" Denial of Service SECUNIA ADVISORY ID: SA19716 VERIFY ADVISORY: http://secunia.com/advisories/19716/ CRITICAL: Not critical IMPACT: DoS WHERE: Local system OPERATING SYSTEM: Avaya Call Management System CMS http://secunia.com/product/4615/ SOFTWARE: Avaya Interactive...

[SA15624] Avaya CMS FTP Daemon Wildcard Denial of Service

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

Avaya CMS (Call Management System) / IR (Interactive Response) multiple vulnerabilities

No description provided...

[SA14153] Avaya CMS UDP End Point Handling Denial of Service

TITLE: Avaya CMS UDP End Point Handling Denial of Service SECUNIA ADVISORY ID: SA14153 VERIFY ADVISORY: http://secunia.com/advisories/14153/ CRITICAL: Not critical IMPACT: DoS WHERE: Local system OPERATING SYSTEM: Avaya Call Management System CMS http://secunia.com/product/4615/ DESCRIPTION: Avay...