CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

312 matches found

Cvelist•added 2007/11/20 12:0 a.m.•19 views

CVE-2002-2426

Cross-site request forgery CSRF vulnerability in Citrix Presentation Server 4.0 and 4.5, MetaFrame Presentation Server 3.0, and Access Essentials 1.0 through 2.0 allows remote attackers to execute arbitrary published applications, and possibly other programs, as authenticated users via the...

7.6AI score0.00658EPSS

Exploits0References7

CVE•added 2007/11/20 12:0 a.m.•44 views

CVE-2002-2426

The CVE-2002-2426 entry describes a CSRF vulnerability in Citrix Presentation Server 4.0/4.5, MetaFrame Presentation Server 3.0, and Access Essentials 1.0–2.0. The issue arises from the InitialProgram key in an ICA connection, allowing remote attackers to run published applications (and possibly ...

4.3CVSS7.9AI score0.00658EPSS

Exploits0References7Affected Software3

seebug.org•added 2007/11/17 12:0 a.m.•23 views

Citrix Presentation Server远程未授权代码执行漏洞

Citrix Presentation Server是一款集中部署应用和提供按需接入的解决方案。 Citrix Presentation Server存在一个设计问题，远程攻击者可以利用漏洞以授权用户上下文执行任意未授权代码。如果授权用户被诱使调用ICA连接到Citrix Presentation Server，它可能被攻击者利用并以授权用户上下文执行未授权代码。 ICA连接可通过起用.ica文件或使用ICA客户端插件来调用，因此攻击者构建恶意的.ICA文件，诱使用户打开，可导致任意代码未授权执行。测试方法 Citrix Presentation Server 4.0 Citrix...

7AI score

Exploits0

seebug.org•added 2007/03/01 12:0 a.m.•31 views

Microsoft Office和Windows RichEdit组件内存破坏漏洞（MS07-014）

Microsoft Windows是微软发布的非常流行的操作系统。 Microsoft Windows和Microsoft Office所捆绑的RichEdit组件中存在一个远程执行代码漏洞。中存在一个远程执行代码漏洞。当用户与RTF文件中的畸形嵌入OLE对象进行交互时，就可能导致内存破坏，在用户系统上执行任意代码。成功利用此漏洞的攻击者可以完全控制受影响的系统。攻击者可随后安装程序；查看、更改或删除数据；或者创建拥有完全用户权限的新帐户。那些帐户被配置为拥有较少系统用户权限的用户比具有管理用户权限的用户受到的影响要小。要利用此漏洞，需要进行用大量的户交互。 Microsoft...

7.5AI score

Exploits0

CVE•added 2007/02/13 8:0 p.m.•61 views

CVE-2006-1311

CVE-2006-1311 is a remote code execution vulnerability in Microsoft RichEdit. The RichEdit components in Windows 2000 SP4, XP SP2, 2003 SP1 and Office suites (2000 SP3, XP SP3, 2003 SP2) plus Office for Mac 2004 and Learning Essentials are affected. The flaw arises from insufficient validation wh...

9.3CVSS7.4AI score0.31102EPSS

Exploits0References11Affected Software2

Microsoft Security Update•added 1970/01/01 12:0 a.m.•14 views

AKS-EE

Product Family for AKS Edge Essentials...

2.7AI score

Exploits0

Microsoft Security Update•added 1970/01/01 12:0 a.m.•12 views

Security Update for Learning Essentials 1.0 and 1.1 and 1.5 (KB929437)

Microsoft has released a security update for the Learning Essentials for Microsoft Office tools add-in versions 1.0, 1.1, and 1.5. This update addresses a vulnerability that could allow remote code execution...

5.1AI score

Exploits0

Microsoft Security Update•added 1970/01/01 12:0 a.m.•6 views

MSE: Product Enabled

Detects whether the Microsoft Security Essentials product has been disabled by either configuration or policy...

2.3AI score

Exploits0

Microsoft Security Update•added 1970/01/01 12:0 a.m.•6 views

SCVMM 2007 Server Essentials x86

Detects SCVMM 2007 Server Essentials SKU installation x86...

2.6AI score

Exploits0