42 matches found
IBM Lotus Domino Web Access EMAIL消息HTML注入漏洞
IBM Lotus Domino Web Access是一款基于消息和Lotus Domino服务器的合作接口。 IBM Lotus Domino Web Access存在跨站脚本问题,远程攻击者可以利用漏洞获得目标用户敏感信息。 问题是由于不正确EMAIL消息内容中的HTML数据,虽然WEB访问具有部分HTML和脚本代码过滤功能,但部分代码序列可用于绕过过滤和成功执行JavaScript代码。 IBM Lotus Domino 7.0.2 IBM Lotus Domino 7.0.1 IBM Lotus Domino 7.0 IBM Lotus Domino 6.5.5 FP2 IBM...
CVE-2005-4093
Check Point VPN-1 SecureClient NG with Application Intelligence R56, NG FP1, 4.0, and 4.1 allows remote attackers to bypass security policies by modifying the local copy of the local.scv policy file after it has been downloaded from the VPN Endpoint...