4 matches found
CVE-2014-1816
Microsoft XML Core Services aka MSXML 3.0 and 6.0 does not properly restrict the information transmitted by Internet Explorer during a download action, which allows remote attackers to discover 1 full pathnames on the client system and 2 local usernames embedded in these pathnames via a crafted w...
Design/Logic Flaw
Microsoft XML Core Services aka MSXML 3.0 and 6.0 does not properly restrict the information transmitted by Internet Explorer during a download action, which allows remote attackers to discover 1 full pathnames on the client system and 2 local usernames embedded in these pathnames via a crafted w...
CVE-2014-1816
Microsoft XML Core Services aka MSXML 3.0 and 6.0 does not properly restrict the information transmitted by Internet Explorer during a download action, which allows remote attackers to discover 1 full pathnames on the client system and 2 local usernames embedded in these pathnames via a crafted w...
Nortel CVX 1800s will dump all local user names and passwords via SNMP
The Nortel CVX 1800 is a modem bank containing up to 2600 modems per box. Many ISP's are using them for their dial-up customers. While querying the CVX-1800 for SNMP codes to use in a modem statistics program I was writing, I discovered the CVX-1800 will spill out all user names and passwords in...