4 matches found
CVE-2009-4493
Orion Application Server 2.0.7 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator...
CVE-2009-4493
CVE-2009-4493 affects Orion Application Server 2.0.7. The Vulnerability arises from writing to logs without sanitizing non‑printable characters, enabling an attacker to send an HTTP request containing terminal escape sequences that could modify a window title or, in the worst case, execute arbitr...
Orion Application Server Terminal Escape Sequence in Logs Command Injection Vulnerability
Orion Application Server is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input in logfiles. Attackers can exploit this issue to execute arbitrary commands in a terminal. Orion Application Server 2.0.7 is vulnerable; other versions may also be...
CVE-2009-4493
creationtimestamp| type| source ---|---|--- 2010-01-11 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/33503...