Lucene search
K

88 matches found

NVD
NVD
added 2013/02/24 11:48 a.m.35 views

CVE-2012-6275

Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft BigAnt IM Message Server allow remote attackers to have an unspecified impact via 1 the filename header in an SCH request or 2 the userid component in a DUPF request...

10CVSS6.8AI score0.46498EPSS
Exploits8References1
NVD
NVD
added 2013/02/24 11:48 a.m.22 views

CVE-2012-6273

SQL injection vulnerability in BigAntSoft BigAnt IM Message Server allows remote attackers to execute arbitrary SQL commands via an SHU aka search user request...

7.5CVSS8.3AI score0.0126EPSS
Exploits0References1
NVD
NVD
added 2013/02/24 11:48 a.m.22 views

CVE-2012-6274

BigAntSoft BigAnt IM Message Server does not require authentication for file uploading, which allows remote attackers to create arbitrary files under AntServer\DocData\Public via unspecified vectors...

5CVSS6.9AI score0.46868EPSS
Exploits8References1
Prion
Prion
added 2013/02/24 11:48 a.m.16 views

Stack overflow

Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft BigAnt IM Message Server allow remote attackers to have an unspecified impact via 1 the filename header in an SCH request or 2 the userid component in a DUPF request...

10CVSS7.3AI score0.46498EPSS
Exploits8References1
Prion
Prion
added 2013/02/24 11:48 a.m.17 views

Authentication flaw

BigAntSoft BigAnt IM Message Server does not require authentication for file uploading, which allows remote attackers to create arbitrary files under AntServer\DocData\Public via unspecified vectors...

5CVSS7.4AI score0.46868EPSS
Exploits8References1
CVE
CVE
added 2013/02/24 11:0 a.m.138 views

CVE-2012-6274

BigAnt Server (BigAnt IM Message Server) is affected by CVE-2012-6274: an authentication bypass that permits remote unauthenticated file uploads to AntServer\DocData\Public via DUPF processing, with a reported directory-traversal weakness contributing to arbitrary file upload. Connected advisorie...

5CVSS7AI score0.46868EPSS
Exploits8References1Affected Software1
CVE
CVE
added 2013/02/24 11:0 a.m.56 views

CVE-2012-6273

CVE-2012-6273 : BigAntSoft BigAnt IM Message Server is affected by an SQL injection vulnerability where a search-user (SHU) request is constructed with insufficient sanitization, allowing remote execution of arbitrary SQL commands. The issue is consistently described across sources as an injectio...

7.5CVSS8.7AI score0.0126EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2013/02/24 12:0 a.m.72 views

CORE-2012-1128 - SAP Netweaver Message Server Multiple Vulnerabilities

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ CORE-2012-1128 1. Advisory Information Title: SAP Netweaver Message Server Multiple Vulnerabilities Advisory ID: CORE-2012-1128 Advisory URL: http://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities Date...

0.3AI score0.22612EPSS
Exploits7
securityvulns
securityvulns
added 2013/02/24 12:0 a.m.37 views

SAP Netweaver Message Server multiple security vulnerabilities

Code execution, DoS...

2.5AI score0.22612EPSS
Exploits7References1Affected Software1
0day.today
0day.today
added 2013/02/16 12:0 a.m.90 views

SAP Netweaver Message Server Buffer Overflow Vulnerability

Core Security Technologies Advisory - Multiple vulnerabilities have been found in SAP Netweaver that could allow an unauthenticated remote attacker to execute arbitrary code and lead to denial of service conditions. The vulnerabilities are triggered sending specially crafted SAP Message Server...

0.9AI score0.22612EPSS
Exploits7
erpscan
erpscan
added 2012/12/03 12:0 a.m.17 views

SAP NetWeaver PI SDK - XXE and XXE Tunneling

Application: SAP PI SDK Versions Affected: SAP PI SDK Vendor URL: http://www.sap.com Bugs: Security Bypass Exploits: YES Reported: 12.03.2012 Vendor response: 13.03.2012 Date of Public Advisory: 22.10.2012 Reference: SAP Security Note 1723641 Authors: Alexander Polyakov, Alexey Tyurin, Alexandr...

0.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2012/08/15 12:0 a.m.7 views

PT-2012-5341 · Sap · Sap Netweaver As Abap

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver ABAP versions 7.x Description: The issue allows remote attackers to cause a denial of service and execute arbitrary code via a long parameter value, crafted string size field, or long Parameter Name string in a package with opco...

10CVSS8AI score0.08703EPSS
Exploits0References9
securityvulns
securityvulns
added 2012/05/10 12:0 a.m.50 views

SQL Injection and other issues in Micro Technology Services, Inc. Lynx

Summary The Micro Technology Services Inc. "Lynx Message Server 7.11.10.2" and/or "LynxTCPService version 1.1.62" web interface is vulnerable to SQL Injection, Cross-Site Scripting, and other security problems. 2. Description Lynx is a "Facility wide Duress and Emergency Notification" system...

Exploits0
exploitpack
exploitpack
added 2012/05/07 12:0 a.m.36 views

Lynx Message Server - Multiple Vulnerabilities

Lynx Message Server - Multiple Vulnerabilities 1. Summary The Micro Technology Services Inc. "Lynx Message Server 7.11.10.2" and/or "LynxTCPService version 1.1.62" web interface is vulnerable to SQL Injection, Cross-Site Scripting, and other security problems. 2. Description Lynx is a "Facility...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2012/05/07 12:0 a.m.47 views

Lynx Message Server - Multiple Vulnerabilities

Summary The Micro Technology Services Inc. "Lynx Message Server 7.11.10.2" and/or "LynxTCPService version 1.1.62" web interface is vulnerable to SQL Injection, Cross-Site Scripting, and other security problems. 2. Description Lynx is a "Facility wide Duress and Emergency Notification" system...

7.4AI score
Exploits0
erpscan
erpscan
added 2011/08/04 12:0 a.m.29 views

SAP NetWeaver SPML - XML External Entity

Application: SAP NetWeaver JAVA Versions Affected: 6.40/7.02 maybe others Vendor URL: http://www.sap.com Bugs: XML External Entity Exploits: YES Reported: 08.04.2011 Vendor response: 09.04.2011 Patched by SAP: 11.09.2012 Date of Public Advisory: 15.12.2012 Reference: SAP Security Note 1621534...

0.6AI score
Exploits0
erpscan
erpscan
added 2011/07/12 12:0 a.m.23 views

SAP Netweaver CCMS - XML External Entity

Application: SAP NetWeaver ABAP Versions Affected: SAP NetWeaver ABAP Vendor URL: http://www.sap.com Bugs: XML External Entity Exploits: YES Reported: 07.12.2011 Vendor response: 08.12.2011 Date of Public Advisory: 13.11.2012 Reference: SAP Security Note 1715040 Authors: Alexey Tyurin ERPScan...

0.7AI score
Exploits0
NVD
NVD
added 2007/07/09 4:30 p.m.15 views

CVE-2007-3624

Heap-based buffer overflow in the Message HTTP Server in SAP Message Server allows remote attackers to execute arbitrary code via a long string in the group parameter to /msgserver/html/group...

10CVSS8AI score0.36586EPSS
Exploits1References9
Prion
Prion
added 2007/07/09 4:30 p.m.19 views

Heap overflow

Heap-based buffer overflow in the Message HTTP Server in SAP Message Server allows remote attackers to execute arbitrary code via a long string in the group parameter to /msgserver/html/group...

10CVSS8.6AI score0.36586EPSS
Exploits1References9
Cvelist
Cvelist
added 2007/07/09 4:0 p.m.19 views

CVE-2007-3624

Heap-based buffer overflow in the Message HTTP Server in SAP Message Server allows remote attackers to execute arbitrary code via a long string in the group parameter to /msgserver/html/group...

8AI score0.36586EPSS
Exploits1References9
Rows per page
Query Builder