17 matches found
EUVD-2014-1901
Malware in sbrugna...
EUVD-2014-1900
Malware in sbrugna...
iThoughtsHD任意文件上传漏洞
CVE ID:CVE-2014-1827 iThoughtsHD是一款ios应用,属于思维导图软件。 iPad设备上使用的iThoughtsHD app 4.19 for iOS,在启用了WiFi Transfer功能后,可使远程攻击者通过上传诸如.html%00.txt的文件,即在扩展名后加%00序列来达到上传任意文件的目的。 0 iThoughtsHD iThoughtsHD 4.19 目前厂商还没有提供补丁或者升级程序: www.ithoughts.co.uk/...
iThoughtsHD拒绝服务漏洞
CVE ID:CVE-2014-1828 iThoughtsHD是一款ios应用,属于思维导图软件。 iPad设备上使用的iThoughtsHD app 4.19 for iOS的iThoughts Web服务器存在安全漏洞,可使远程攻击者通过上传较大的文件造成拒绝服务。 0 iThoughtsHD iThoughtsHD 4.19 目前厂商还没有提供补丁或者升级程序: www.ithoughts.co.uk/...
CVE-2014-1827
The iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to upload arbitrary files by placing a %00 sequence after a dangerous extension, as demonstrated by a .html%00.txt file...
CVE-2014-1826
Cross-site scripting XSS vulnerability in the iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to inject arbitrary web script or HTML via a crafted map name...
CVE-2014-1828
The iThoughts web server in the iThoughtsHD app 4.19 for iOS on iPad devices allows remote attackers to cause a denial of service disk consumption by uploading a large file...
Design/Logic Flaw
The iThoughts web server in the iThoughtsHD app 4.19 for iOS on iPad devices allows remote attackers to cause a denial of service disk consumption by uploading a large file...
Design/Logic Flaw
The iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to upload arbitrary files by placing a %00 sequence after a dangerous extension, as demonstrated by a .html%00.txt file...
Cross site scripting
Cross-site scripting XSS vulnerability in the iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to inject arbitrary web script or HTML via a crafted map name...
CVE-2014-1828
The iThoughts web server in the iThoughtsHD app 4.19 for iOS on iPad devices allows remote attackers to cause a denial of service disk consumption by uploading a large file...
CVE-2014-1826
The CVE-2014-1826 entry concerns iThoughtsHD for iOS (iPad) version 4.19, where the WiFi Transfer feature allows cross-site scripting via a crafted map name. The vulnerability is an XSS in the map name handling, enabling remote attackers to inject arbitrary web script or HTML when the map name is...
CVE-2014-1826
Cross-site scripting XSS vulnerability in the iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to inject arbitrary web script or HTML via a crafted map name...
CVE-2014-1827
The CVE-2014-1827 entry affects iThoughtsHD 4.19 for iOS on iPad, where enabling WiFi Transfer allows remote upload of arbitrary files by exploiting a null-byte (%00) injection after a dangerous extension (demonstrated with .html%00.txt). Affected component is the web upload interface; root cause...
CVE-2014-1827
The iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to upload arbitrary files by placing a %00 sequence after a dangerous extension, as demonstrated by a .html%00.txt file...
CVE-2014-1828
The CVE-2014-1828 entry concerns iThoughtsHD for iOS (iPad), where the iThoughts web server component in version 4.19 exposes a Denial of Service risk via uploading large files. The observed impact is disk consumption leading to service disruption. The vulnerability details across connected sourc...
iThoughtsHD 4.19 DoS / XSS / File Upload
iThoughts Multiple Vulnerabilities 24 March 2014 Authors: James Davis , Justin C. Klein Keane Description of Vulnerability iThoughtsHD brings mind mapping to the iPad. Based on the award winning iThoughts for iPhone, iThoughtsHD has been designed specifically for the iPad. iThoughtsHD will import...