235 matches found
CVE-2007-3613
Cross-site scripting XSS vulnerability in ADM:GETLOGFILE in SAP Internet Graphics Service IGS allows remote attackers to inject arbitrary web script or HTML via the PARAMS parameter...
CVE-2007-3613
Cross-site scripting XSS vulnerability in ADM:GETLOGFILE in SAP Internet Graphics Service IGS allows remote attackers to inject arbitrary web script or HTML via the PARAMS parameter...
CVE-2007-3613
The vulnerability CVE-2007-3613 is a Cross-site Scripting (XSS) in SAP Internet Graphics Service (IGS), affecting the ADM:GETLOGFILE function. The issue allows remote attackers to inject arbitrary web script or HTML via the PARAMS parameter. The NVD entry provides a MEDIUM severity (CVSS v2: AV:N...
SAP Internet Graphics Server XSS and Heap Overflow
======= Summary ======= Name: SAP Internet Graphics Server XSS and Heap Overflow Release Date: 5 July 2007 Reference: NGS00487 Discover: Mark Litchfield [email protected] Vendor: SAP Vendor Reference: SECRES-288 Systems Affected: Risk: Medium Status: Fixed ======== TimeLine ======== Discovered...
CYBSEC - Security Advisory: SAP Internet Graphics Service (IGS) Remote Buffer Overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The following advisory is also available in PDF format for download at: http://www.cybsec.com/vuln/CYBSEC-SecurityPre-AdvisorySAPIGSRemoteBufferOverflow.pdf This advisory contains the full-detailed information regarding the vulnerability described in...
CVE-2006-6346
SAP Internet Graphics Service (IGS) affected: 6.40 Patchlevel 15 and earlier, and 7.00 Patchlevel 3 and earlier (CVE-2006-6346). Described as an unspecified vulnerability related to "Undocumented Features" that could allow remote attackers to cause a denial of service, obtain configuration files,...
CVE-2006-6345
CVE-2006-6345 affects SAP Internet Graphics Service (IGS) 6.40 Patchlevel 16 and earlier, and 7.00 Patchlevel 6 and earlier, with a directory traversal in HTTP requests that lets remote attackers delete arbitrary files. Root cause: traversal sequences exploited by the HTTP handling in IGS. Impact...
CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) Remote Arbitrary File Removal
The following pre-advisory is also available in PDF format for download at: http://www.cybsec.com/vuln/CYBSEC-SecurityPre-AdvisorySAPIGSRemoteArbitraryFileRemoval.pdf CYBSEC S.A. www.cybsec.com Pre-Advisory Name: SAP Internet Graphics Service IGS Remote Arbitrary File Removal ==================...
CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) Undocumented Features
The following pre-advisory is also available in PDF format for download at: http://www.cybsec.com/vuln/CYBSEC-SecurityPre-AdvisorySAPIGSUndocumentedFeatures.pdf CYBSEC S.A. www.cybsec.com Pre-Advisory Name: SAP Internet Graphics Service IGS Undocumented Features ================== Vulnerability...
CVE-2006-4134
Unspecified vulnerability related to a "design flaw" in SAP Internet Graphics Service IGS 6.40 and earlier and 7.00 and earlier allows remote attackers to cause a denial of service service shutdown via certain HTTP requests. NOTE: This information is based upon a vague initial disclosure. Details...
CVE-2006-4134
Unspecified vulnerability related to a "design flaw" in SAP Internet Graphics Service IGS 6.40 and earlier and 7.00 and earlier allows remote attackers to cause a denial of service service shutdown via certain HTTP requests. NOTE: This information is based upon a vague initial disclosure. Details...
CVE-2006-4133
SAP Internet Graphics Service (IGS) vulnerable to a heap-based buffer overflow in 6.40 and earlier, and 7.00 and earlier. An HTTP request containing an ADM:GETLOGFILE command with a long portwatcher argument can overflow during error message construction when _snprintf returns a negative value th...
CVE-2006-4134
SAP Internet Graphics Service (IGS) affects 6.40 and earlier, and 7.00 and earlier. CVE-2006-4134 describes an unspecified design-flaw that enables remote attackers to cause a denial of service (service shutdown) via certain HTTP requests. Related entries (CVE-2006-6345 and CVE-2006-6346) describ...
Corsaire Security Advisory 2005-05-03.1
-- Corsaire Security Advisory -- Title: SAP Internet Graphics Server traversal issue Date: 03.05.05 Application: SAP prior to version 6.40 Patch 11 Environment: Various Author: Martin O'Neal [email protected] Audience: General distribution Reference: c050503-001 -- Scope -- The aim of thi...
Corsaire Security Advisory: SAP Internet Graphics Server traversal issue
-- Corsaire Security Advisory -- Title: SAP Internet Graphics Server traversal issue Date: 03.05.05 Application: SAP prior to version 6.40 Patch 11 Environment: Various Author: Martin O'Neal [email protected] Audience: General distribution Reference: c050503-001 -- Scope -- The aim of thi...