5 matches found
EUVD-2002-1110
Malware in sbrugna...
IBM ISS Internet扫描器HTML代码注入漏洞
BUGTRAQ ID: 28014 ISS Internet Scanner是一款商业性质的漏洞扫描评估工具。 ISS Internet扫描器在保存HTML报表时没有正确地验证对某些参数的输入,这可能导致注入任意HTML和脚本代码,当用户查看报表的时候就会在浏览器会话中执行。 IBM ISS Internet Scanner 7.0 SP2 build 7.2.2005.52 厂商补丁: IBM --- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.ers.ibm.com/...
CVE-2002-1122
ISS Internet Scanner 6.2.1 is affected by a buffer overflow in the license banner HTTP check during parsing of a long HTTP response, enabling remote code execution. Foundstone advisorySECURITYVULNS:DOC:3512 confirms the issue and notes vendor ISS issued a fix included in X-Press Update 6.17; appl...
CVE-2002-1122
Buffer overflow in the parsing mechanism for ISS Internet Scanner 6.2.1, when using the license banner HTTP check, allows remote attackers to execute arbitrary code via a long web server response...
CVE-2002-1122
Buffer overflow in the parsing mechanism for ISS Internet Scanner 6.2.1, when using the license banner HTTP check, allows remote attackers to execute arbitrary code via a long web server response...