MS13-007: Description of the security update for the Management OData IIS Extension on Windows Server 2012: January 8, 2013

MS13-007: Description of the security update for the Management OData IIS Extension on Windows Server 2012: January 8, 2013 INTRODUCTION Microsoft has released security bulletin MS13-007. To view the complete security bulletin, go to one of the following Microsoft websites: Home users:...

MS FrontPage 98 Server Extensions for IIS,MS InterDev 1.0 Filename Obfuscation

No description provided by source. source: http://www.securityfocus.com/bid/1108/info Two dlls dvwssr.dll and mtd2lv.dll included with the FrontPage 98 extensions for IIS and shipped as part of the NT Option Pack include an obfuscation string that manipulates the name of requested files. Knowing...

PT-2013-2056 · Microsoft · Management Odata Iis Extension +3

Name of the Vulnerable Software and Affected Versions: Microsoft .NET Framework versions 3.5 through 4 Management OData IIS Extension on Windows Server 2012 Description: A denial of service issue exists in the OData protocol implementation, allowing remote attackers to cause a denial of service v...

Microsoft OData CVE-2013-0005 Denial of Service Vulnerability

Description The Microsoft OData specification is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the application to become unresponsive or to crash, denying service to legitimate users. Technologies Affected Microsoft Management OData IIS Extension Microsof...

CVE-2010-0112

CVE-2010-0112 — Symantec IM Manager before version 8.4.16 is affected by multiple SQL injection vulnerabilities in the Administrative Interface (IIS extension). The issues allow remote attackers to inject SQL via numerous parameters (e.g., rdReport, DetailReportGroup, SummaryReportGroup, LoggedIn...

Symantec IM Manager Administrative Interface SummaryReportGroup.lgx Definition File SQL Injection Vulnerabilities

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec IM Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the rdpageimlogic.aspx page which is exposed through an IIS extension on the defau...

Symantec IM Manager Administrative Interface LoggedInUsers.lgx Definition File SQL Injection Vulnerabilities

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec IM Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the rdpageimlogic.aspx and rdPage.aspx pages which is exposed through an IIS...

Symantec IM Manager Administrative Interface DetailReportGroup.lgx Definition File SQL Injection Vulnerabilities

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec IM Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the rdPageImlogic.aspx page which is exposed through an IIS extension on the defau...

Symantec IM Manager Administrative Interface rdpageimlogic.aspx SQL Injection Vulnerabilities

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec IM Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the rdpageimlogic.aspx page which is exposed through an IIS extension on the defau...