Lucene search
K

258 matches found

Tenable Nessus
Tenable Nessus
added 2010/03/01 12:0 a.m.441 views

Multiple Adobe Products XML External Entity (XXE) Injection (APSB10-05)

The remote host appears to be running an Adobe product that is susceptible to XML External Entity XXE attacks. The installed version of the product fails to block the use of external XML entities while using the HTTPChannel to transport data in AMFX format. A remote, unauthenticated attacker coul...

6.5CVSS8.2AI score0.90012EPSS
Exploits12References4
securityvulns
securityvulns
added 2010/02/25 12:0 a.m.209 views

Multiple Adobe Products - XML External Entity And XML Injection Vulnerabilities

, , . .' '. ', . , '. , ., , / / / ==/ / / / / / / | Y Y / /| / /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. Multiple Adobe Products XML External Entity And XML Injection Vulnerabilities CVE: CVE-2009-3960 Adobe PSIRT: APSB10-05 -...

4.3CVSS7.4AI score0.90012EPSS
Exploits12
Packet Storm
Packet Storm
added 2010/02/23 12:0 a.m.71 views

Adobe Products XML External Entity And XML Injection

, , . .' '. ', . , '. , ., , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. Multiple Adobe Products XML External Entity And XML Injection Vulnerabilities CVE: CVE-2009-3960 Adobe PSIRT: APSB10-05 -...

4.3CVSS0.1AI score0.90012EPSS
Exploits12
0day.today
0day.today
added 2010/02/22 12:0 a.m.56 views

Adobe Products XML External Entity And XML Injection Vulnerabilities

Exploit for unknown platform in category dos / poc ==================================================================== Adobe Products XML External Entity And XML Injection Vulnerabilities ==================================================================== Multiple Adobe Products XML External...

7AI score0.90012EPSS
Exploits12
exploitpack
exploitpack
added 2010/02/22 12:0 a.m.63 views

Adobe (Multiple Products) - XML External Entity XML Injection

Adobe Multiple Products - XML External Entity XML Injection , , . .' '. ', . , '. , ., , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. Multiple Adobe Products XML External Entity And XML Injection Vulnerabilities CVE:...

4.3CVSS7AI score0.90012EPSS
Exploits12
Exploit DB
Exploit DB
added 2010/02/22 12:0 a.m.68 views

Adobe (Multiple Products) - XML External Entity / XML Injection

, , . .' '. ', . , '. , ., , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. Multiple Adobe Products XML External Entity And XML Injection Vulnerabilities CVE: CVE-2009-3960 Adobe PSIRT: APSB10-05 -...

6.5CVSS7AI score0.90012EPSS
Exploits12
CVE
CVE
added 2010/02/15 6:0 p.m.1056 views

CVE-2009-3960

CVE-2009-3960 is an information-disclosure vulnerability in Adobe BlazeDS and related Adobe data services components (e.g., LiveCycle, ColdFusion) where XML External Entity/XML Injection flaws can allow remote attackers to obtain sensitive information. Root cause: injected tags and external entit...

6.5CVSS8.8AI score0.90012EPSS
In wildExploits12References7Affected Software5
ATTACKERKB
ATTACKERKB
added 2010/02/15 12:0 a.m.39 views

CVE-2009-3960

Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0, allows remote attackers to obtain sensitive information via vectors that are...

6.5CVSS4.2AI score0.90012EPSS
In wildExploits12References9
Prion
Prion
added 2009/12/16 6:30 p.m.18 views

Design/Logic Flaw

The Relational Data Services component in IBM DB2 9.5 before FP5 allows attackers to obtain the password argument from the SET ENCRYPTION PASSWORD statement via vectors involving the GET SNAPSHOT FOR DYNAMIC SQL command...

7.5CVSS7.4AI score0.01331EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2009/12/16 6:0 p.m.28 views

CVE-2009-4333

The Relational Data Services component in IBM DB2 9.5 before FP5 allows attackers to obtain the password argument from the SET ENCRYPTION PASSWORD statement via vectors involving the GET SNAPSHOT FOR DYNAMIC SQL command...

6.6AI score0.01331EPSS
Exploits0References7
NVD
NVD
added 2009/04/15 10:30 a.m.20 views

CVE-2009-1005

Unspecified vulnerability in the Oracle Data Service Integrator AquaLogic Data Services Platform component in BEA Product Suite 10.3.0, 3.2, 3.0.1, and 3.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors...

4.1CVSS5.7AI score0.00315EPSS
Exploits1References6
CVE
CVE
added 2004/09/01 4:0 a.m.64 views

CVE-2002-1142

CVE-2002-1142 is a heap-based buffer overflow in the MDAC RDS component caused by an unchecked buffer in the RDS Data Stub when handling malformed HTTP requests. Affected: MDAC versions 2.1–2.6 and Internet Explorer 5.01–6.0. Impact: remote code execution with the privileges of the service (e.g.,...

7.5CVSS7.5AI score0.76004EPSS
Exploits5References11Affected Software3
securityvulns
securityvulns
added 2002/11/22 12:0 a.m.38 views

ISS Security Brief: Microsoft MDAC Remote Compromise Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security Brief November 21, 2002 Microsoft MDAC Remote Compromise Vulnerability Synopsis: Microsoft has released a security bulletin detailing a vulnerability in Microsoft MDAC technology. MDAC or Microsoft Data Access Components is a...

Exploits0
Symantec
Symantec
added 2002/11/20 12:0 a.m.25 views

Microsoft Data Access Components RDS Buffer Overflow Vulnerability

Description Microsoft Data Access Components MDAC contains a buffer overflow in a Remote Data Services RDS component. The server side RDS component affected is called the RDS Data Stub, while the client side is called the Data Space control. Successful exploitation of this vulnerability could all...

0.6AI score
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2002/08/13 12:0 a.m.41 views

Bulk Data Services (BDS) vulnerability on IRIX

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: Bulk Data Services BDS vulnerability Number: 20020804-01-P Date: August 12, 2002 Reference: CAN-2002-0632 - ----------------------- - --- Issue Specifics --- - ----------------------- It's been reported that under certain conditions,...

5CVSS6.3AI score0.01318EPSS
Exploits0
exploitpack
exploitpack
added 1999/07/19 12:0 a.m.28 views

Microsoft Data Access Components (MDAC) 2.1 Microsoft IIS 3.04.0 Microsoft Index Server 2.0 Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (1)

Microsoft Data Access Components MDAC 2.1 Microsoft IIS 3.04.0 Microsoft Index Server 2.0 Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS 1 source: https://www.securityfocus.com/bid/529/info MDAC Microsoft Data Access Components is a package used to integrate web and database services...

0.7AI score
Exploits0
Exploit DB
Exploit DB
added 1999/07/19 12:0 a.m.111 views

Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (2)

source: https://www.securityfocus.com/bid/529/info MDAC Microsoft Data Access Components is a package used to integrate web and database services. It includes a component named RDS Remote Data Services. RDS allows remote access via the internet to database objects through IIS. Both are included i...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 1999/07/19 12:0 a.m.140 views

Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (1)

source: https://www.securityfocus.com/bid/529/info MDAC Microsoft Data Access Components is a package used to integrate web and database services. It includes a component named RDS Remote Data Services. RDS allows remote access via the internet to database objects through IIS. Both are included i...

7.4AI score
Exploits0
Rows per page
Query Builder