7 matches found
CVE-2012-6275
Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft BigAnt IM Message Server allow remote attackers to have an unspecified impact via 1 the filename header in an SCH request or 2 the userid component in a DUPF request...
BigAntSoft BigAnt IM Message Server Multiple Vulnerabilities
BigAntSoft BigAnt IM Message Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2012-6274
BigAntSoft BigAnt IM Message Server does not require authentication for file uploading, which allows remote attackers to create arbitrary files under AntServer\DocData\Public via unspecified vectors...
CVE-2012-6273
SQL injection vulnerability in BigAntSoft BigAnt IM Message Server allows remote attackers to execute arbitrary SQL commands via an SHU aka search user request...
CVE-2012-6275
Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft BigAnt IM Message Server allow remote attackers to have an unspecified impact via 1 the filename header in an SCH request or 2 the userid component in a DUPF request...
Authentication flaw
BigAntSoft BigAnt IM Message Server does not require authentication for file uploading, which allows remote attackers to create arbitrary files under AntServer\DocData\Public via unspecified vectors...
CVE-2012-6273
CVE-2012-6273 : BigAntSoft BigAnt IM Message Server is affected by an SQL injection vulnerability where a search-user (SHU) request is constructed with insufficient sanitization, allowing remote execution of arbitrary SQL commands. The issue is consistently described across sources as an injectio...