Lucene search
K

56 matches found

Dsquare
Dsquare
added 2012/04/27 12:0 a.m.42 views

CA ARCserve D2D r15 Credentials Disclosure

Credentials disclosure vulnerability in CA ARCserve Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...

5CVSS0.5AI score0.71631EPSS
Exploits5References3
securityvulns
securityvulns
added 2011/11/25 12:0 a.m.78 views

Mozilla Foundation Security Advisory 2011-50

Mozilla Foundation Security Advisory 2011-50 Title: Cross-origin data theft using canvas and Windows D2D Impact: High Announced: November 8, 2011 Reporter: Products: Firefox, Thunderbird Fixed in: Firefox 8.0 Thunderbird 8.0 Description Mozilla developer Bas Schouten reported that the introductio...

2.6CVSS0.3AI score0.0095EPSS
Exploits0
CVE
CVE
added 2011/11/09 11:0 a.m.69 views

CVE-2011-3649

CVE-2011-3649 affects Mozilla Firefox 7.0 and Thunderbird 7.0 on Windows when using Direct2D with the Azure graphics backend, allowing cross-origin image data to be read via a manipulated canvas (Same Origin Policy bypass). The issue stems from a regression introduced by CVE-2011-2986. According ...

2.6CVSS9.2AI score0.0095EPSS
Exploits0References5Affected Software2
Mozilla
Mozilla
added 2011/11/08 12:0 a.m.58 views

Cross-origin data theft using canvas and Windows D2D — Mozilla

Mozilla developer Bas Schouten reported that the introduction of the "Azure" graphics back-end on Windows in Firefox 7 re-introduced the cross-origin data theft issue reported by nasalislarvatus3000 as described in MFSA 2011-29...

2.6CVSS9.3AI score0.0095EPSS
Exploits0References2Affected Software3
Check Point Advisories
Check Point Advisories
added 2011/09/27 12:0 a.m.15 views

CA ARCserve D2D GWT RPC Request Credentials Disclosure (CVE-2011-3011)

A credentials disclosure vulnerability has been reported in CA ARCserve D2D. The vulnerability is due to an error while processing Google Web Toolkit GWT RPC requests. A remote attacker can exploit this vulnerability by sending a specially crafted RPC request to an affected server. Successful...

5CVSS6.6AI score0.71631EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2011/08/18 12:0 a.m.48 views

Mozilla Thunderbird 5 Multiple Vulnerabilities

Binary data 801266.prm...

10CVSS9.8AI score0.0544EPSS
Exploits1References9
Mozilla
Mozilla
added 2011/08/16 12:0 a.m.47 views

Security issues addressed in Firefox 6 — Mozilla

Miscellaneous memory safety hazards rv:4.0 Impact: Critical Description: Mozilla identified and fixed several memory safety bugs in the browser engine used in Firefox 4, Firefox 5 and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances...

10CVSS10AI score0.0544EPSS
Exploits1References22Affected Software1
Mozilla
Mozilla
added 2011/08/16 12:0 a.m.46 views

Security issues addressed in Thunderbird 6 — Mozilla

Many of the issues listed below are not exploitable through mail since JavaScript is disabled by default in Thunderbird. These particular issues may be triggered while viewing RSS feeds and displaying full remote content rather than the feed summary. Addons that expose browser functionality may...

10CVSS8.9AI score0.0544EPSS
Exploits1References16Affected Software1
Mozilla
Mozilla
added 2011/08/16 12:0 a.m.49 views

Security issues addressed in SeaMonkey 2.3 — Mozilla

Miscellaneous memory safety hazards rv:4.0 Impact: Critical Description: Mozilla identified and fixed several memory safety bugs in the browser engine used in SeaMonkey 2.2 and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and w...

10CVSS8.9AI score0.0544EPSS
Exploits1References21Affected Software1
NVD
NVD
added 2011/08/15 7:55 p.m.16 views

CVE-2011-3011

BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle sessions, which allows remote attackers to obtain credentials, and consequently execute arbitrary commands, via unspecified vectors...

5CVSS7.2AI score0.71631EPSS
Exploits5References4
Prion
Prion
added 2011/08/15 7:55 p.m.15 views

Design/Logic Flaw

BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle sessions, which allows remote attackers to obtain credentials, and consequently execute arbitrary commands, via unspecified vectors...

5CVSS7.6AI score0.71631EPSS
Exploits5References4Affected Software1
Cvelist
Cvelist
added 2011/08/15 7:0 p.m.22 views

CVE-2011-3011

BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle sessions, which allows remote attackers to obtain credentials, and consequently execute arbitrary commands, via unspecified vectors...

7.2AI score0.71631EPSS
Exploits5References4
CVE
CVE
added 2011/08/15 7:0 p.m.63 views

CVE-2011-3011

The CVE-2011-3011 issue affects CA ARCserve D2D r15’s web server, specifically the GWT RPC handling in the homepageServlet. A remote attacker can send a specially crafted GWT RPC request to trigger an information/credentials disclosure, exposing the Windows administrator credentials used by the A...

5CVSS7.2AI score0.71631EPSS
Exploits5References4Affected Software1
Packet Storm
Packet Storm
added 2011/08/02 12:0 a.m.23 views

CA Arcserve D2D GWT RPC Credential Information Disclosure

$Id: caarcserverpcauthbypass.rb 13467 2011-08-01 21:20:29Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.4AI score
Exploits0
Metasploit
Metasploit
added 2011/08/01 9:20 p.m.17 views

CA Arcserve D2D GWT RPC Credential Information Disclosure

This module exploits an information disclosure vulnerability in the CA Arcserve D2D r15 web server. The information disclosure can be triggered by sending a specially crafted RPC request to the homepage servlet. This causes CA Arcserve to disclosure the username and password in cleartext used for...

5CVSS6.3AI score0.71631EPSS
Exploits5
0day.today
0day.today
added 2011/08/01 12:0 a.m.25 views

CA Arcserve D2D GWT RPC Credential Information Disclosure

Exploit for jsp platform in category web applications $Id: caarcserverpcauthbypass.rb 13467 2011-08-01 21:20:29Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more informati...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2011/08/01 12:0 a.m.23 views

CA Arcserve D2D GWT RPC - Credential Information Disclosure (Metasploit)

$Id: caarcserverpcauthbypass.rb 13467 2011-08-01 21:20:29Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2011/07/29 12:0 a.m.25 views

CA ARCserver D2D GWT RPC Request Multiple Vulnerabilities

CA ARCserver D2D is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.4AI score0.71631EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2011/07/28 12:0 a.m.27 views

Computer Associates ARCserve D2D homepageServlet Servlet Information Disclosure

The installed version of ARCserve D2D, a disk-based backup product from Computer Associates, allows an unauthenticated, remote attacker to discover the username and password used by the affected application. This can be accomplished by sending a specially crafted POST request to the...

5CVSS5.9AI score0.71631EPSS
Exploits5References5
Tenable Nessus
Tenable Nessus
added 2011/07/28 12:0 a.m.25 views

Computer Associates ARCserve D2D Detection

The remote web server is part of ARCserve D2D, a disk-based backup product from Computer Associates. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid55719; scriptversion"1.5"; scriptcvsdate"Date: 2019/11/25"; scriptnameenglish:"Computer Associates ARCserve D2D...

5.5AI score
Exploits0References1
Rows per page
Query Builder