16 matches found
CVE-2021-3183
Files.com Fat Client 3.3.6 allows authentication bypass because the client continues to have access after a logout and a removal of a login profile...
CVE-2021-3183
Files.com Fat Client 3.3.6 allows authentication bypass because the client continues to have access after a logout and a removal of a login profile...
CVE-2021-3183
Files.com Fat Client 3.3.6 allows authentication bypass because the client continues to have access after a logout and a removal of a login profile...
Authentication flaw
Files.com Fat Client 3.3.6 allows authentication bypass because the client continues to have access after a logout and a removal of a login profile...
CVE-2021-3183
Files.com Fat Client 3.3.6 allows authentication bypass because the client continues to have access after a logout and a removal of a login profile...
CVE-2021-3183
CVE-2021-3183 affects Files.com Fat Client 3.3.6. The vulnerability is an authentication bypass where the client retains access after logout and after a login profile is removed. Root cause is not explicitly detailed in the provided documents. Impact: potential unauthorized access to the applicat...
File.com Fat Client Code Issue Vulnerability
File.com Fat Client is a fat client application from US-based File.com. A code issue vulnerability exists in Files.com Fat Client 3.3.6 that allows bypassing authentication because the client still has access after logging out and deleting the login profile...
CVE-2019-20373
LTSP LDM through 2.18.06 allows fat-client root access because the LDMUSERNAME variable may have an empty value if the user's shell lacks support for Bourne shell syntax. This is related to a run-x-session script...
Design/Logic Flaw
LTSP LDM through 2.18.06 allows fat-client root access because the LDMUSERNAME variable may have an empty value if the user's shell lacks support for Bourne shell syntax. This is related to a run-x-session script...
CVE-2019-20373
LTSP LDM through 2.18.06 allows fat-client root access because the LDMUSERNAME variable may have an empty value if the user's shell lacks support for Bourne shell syntax. This is related to a run-x-session script...
CVE-2019-20373
Removed by vendor...
CVE-2019-20373
LTSP LDM through 2.18.06 allows fat-client root access because the LDMUSERNAME variable may have an empty value if the user's shell lacks support for Bourne shell syntax. This is related to a run-x-session script...
CVE-2019-20373
CVE-2019-20373 affects LTSP’s Display Manager (ldm) up to version 2.18.06. A local attacker can gain root by exploiting an empty LDM_USERNAME when a user’s shell lacks Bourne shell syntax support, via the run-x-session script. The issue is a local privilege escalation in LTSP LDM. Affected deploy...
Junos Pulse Secure Meeting 8.0.5 Access Bypass Vulnerability
Junos Pulse Secure Meeting version 8.0.5 allows an attacker to enter "secure" meetings without knowledge of the password and the invitation link using the java fat client meetingAppSun.jar. Vulnerablity Title ================== Secure Meeting Pulse Collaboration issue may allow authenticated user...
Junos Pulse Secure Meeting 8.0.5 Access Bypass
Profundis Labs Security Advisory https://profundis-labs.com/advisories/CVE-2015-7323.txt Product: ================================ Junos Pulse Secure Meeting Secure Meeting is a part of the Junos Puls Collaboration software, which allows you to organize and holding virtual meetings with internal...
CVE-2004-1755
The Web Services fat client for BEA WebLogic Server and Express 7.0 SP4 and earlier, when using 2-way SSL and multiple certificates to connect to the same URL, may use the incorrect identity after the first connection, which could allow users to gain privileges...