Lucene search
K

4 matches found

Cvelist
Cvelist
added 2010/01/13 8:0 p.m.36 views

CVE-2009-4493

Orion Application Server 2.0.7 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator...

7.7AI score0.06836EPSS
Exploits1References2
CVE
CVE
added 2010/01/13 8:0 p.m.58 views

CVE-2009-4493

CVE-2009-4493 affects Orion Application Server 2.0.7. The Vulnerability arises from writing to logs without sanitizing non‑printable characters, enabling an attacker to send an HTTP request containing terminal escape sequences that could modify a window title or, in the worst case, execute arbitr...

5CVSS7.8AI score0.06836EPSS
Exploits1References2Affected Software1
OpenVAS
OpenVAS
added 2010/01/13 12:0 a.m.33 views

Orion Application Server Terminal Escape Sequence in Logs Command Injection Vulnerability

Orion Application Server is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input in logfiles. Attackers can exploit this issue to execute arbitrary commands in a terminal. Orion Application Server 2.0.7 is vulnerable; other versions may also be...

5CVSS0.2AI score0.06836EPSS
Exploits1References3
Circl
Circl
added 2010/01/11 12:0 a.m.5 views

CVE-2009-4493

creationtimestamp| type| source ---|---|--- 2010-01-11 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/33503...

5CVSS5.7AI score0.06836EPSS
Exploits1References1
Rows per page
Query Builder