CVE-2001-0948

Cross-site scripting CSS vulnerability in ValiCert Enterprise Validation Authority EVA 3.3 through 4.2.1 allows remote attackers to execute arbitrary code or display false information by including HTML or script in the certificate's description, which is executed when the certificate is viewed...

PT-2001-2103 · Valicert · Valicert Enterprise Validation Authority (Eva) Administration Server

Name of the Vulnerable Software and Affected Versions: ValiCert Enterprise Validation Authority EVA Administration Server versions 3.3 through 4.2.1 Description: The issue arises from the use of insufficiently random data. This affects two main areas: 1 the generation of session tokens for HSMs,...

PT-2001-2102 · Valicert · Valicert Enterprise Validation Authority (Eva) Administration Server

Name of the Vulnerable Software and Affected Versions: ValiCert Enterprise Validation Authority EVA Administration Server versions 3.3 through 4.2.1 Description: The issue allows remote attackers to execute arbitrary code via long arguments to various parameters, including Mode, Certificate File,...

PT-2001-2100 · Valicert · Valicert Enterprise Validation Authority

Name of the Vulnerable Software and Affected Versions: ValiCert Enterprise Validation Authority EVA versions 3.3 through 4.2.1 Description: The issue allows remote attackers to determine the real pathname of the server by requesting an invalid extension, which produces an error page that includes...

PT-2001-2101 · Valicert · Valicert Enterprise Validation Authority

Name of the Vulnerable Software and Affected Versions: ValiCert Enterprise Validation Authority EVA versions 3.3 through 4.2.1 Description: A cross-site scripting issue allows remote attackers to execute arbitrary code or display false information by including HTML or script in the certificate's...