99 matches found
FortiMail Messaging Security Appliance 4.0 Cross Site Scripting
Advisory: XSS vulnerability in FortiMail Messaging Security Appliance Advisory ID: SSCHADV2011-011 Author: Stefan Schurtz Affected Software: v4.0,build0245,101208 MR1 Patch 2 Vendor URL: http://www.fortinet.com/ Vendor Status: informed ========================== Vulnerability Description:...
CVE-2011-1903
SQL injection vulnerability in an unspecified function in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors...
CVE-2011-1904
An unspecified function in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary commands via unknown vectors, related to a "command...
CVE-2011-1902
Directory traversal vulnerability in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to read arbitrary files via unspecified vectors...
Sql injection
SQL injection vulnerability in an unspecified function in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in unspecified administrative modules in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allow remote attackers to hijack the authentication ...
Command injection
An unspecified function in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary commands via unknown vectors, related to a "command...
CVE-2011-1905
Technical details about CVE-2011-1905 are not publicly available in the provided connected documents. The records summarize CSRF vulnerabilities in Proofpoint products but do not specify affected components, versions beyond general ranges, or remediation details. Monitor for updates.
CVE-2011-1904
CVE-2011-1904 affects Proofpoint products: Messaging Security Gateway 6.2.0.263/6.2.0.237 and earlier versions of Protection Server (5.5.3–5.5.5, 6.0.2, 6.1.1, 6.2.0). The issue is described as an unspecified function in the web interface that allows remote command execution via unknown vectors, ...
CVE-2011-1901
The CVE-2011-1901 entry concerns the mail-filter web interface in Proofpoint products: Proofpoint Messaging Security Gateway (versions up to 6.2.0.263:6.2.0.237) and Proofpoint Protection Server (5.5.3–5.5.5, 6.0.2, 6.1.1, 6.2.0). The flaw allows remote attackers to bypass authentication via unsp...
CVE-2011-1901
The mail-filter web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to bypass authentication via unspecified vectors...
CVE-2011-1902
Directory traversal vulnerability in the web interface affects Proofpoint products: Messaging Security Gateway versions up to 6.2.0.263:6.2.0.237 and Proofpoint Protection Server versions 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0. The issue allows remote attackers to read arbitrary files via u...
CVE-2011-1903
The entry CVE-2011-1903 describes a SQL injection vulnerability in an unspecified function of Proofpoint Messaging Security Gateway (versions up to 6.2.0.263:6.2.0.237) and Proofpoint Protection Server (5.5.3–5.5.5, 6.0.2, 6.1.1, 6.2.0). The vulnerability allows remote attackers to execute arbitr...
Trend Micro Web Management Authentication Bypass Vulnerability
This Remote host is installed with Trend Micro OfficeScan, which is prone to Authentication Bypass Vulnerability. OpenVAS Vulnerability Test $Id: secpodtrendmicroofficescanauthbypassvuln900205.nasl 5370 2017-02-20 15:24:26Z cfi $ Description: Trend Micro Web Management Authentication Bypass...
Trend Micro产品ObjRemoveCtrl类缓冲区溢出漏洞
BUGTRAQ ID:30633 CVE ID:CVE-2008-3364 CNCVE ID:CNCVE-20083364 多个Trend Micro产品处理ObjRemoveCtrl类存在安全问题,远程攻击者可以利用漏洞以应用程序权限执行任意指令。 当通过WEB接口配置产品时OfficeScan Web控制台利用多个ActiveX控件,其中ObjRemoveCtrl类ActiveX控件存在边界错误,可触发基于堆栈的缓冲区溢出,精心构建WEB页,诱使用户访问可导致应用程序权限执行任意指令。 Trend Micro Client Server Messaging Security for...
CVE-2007-0325
CVE-2007-0325 is a remote buffer overflow in Trend Micro OfficeScan’s Web-Deployment SetupINICtrl ActiveX control (OfficeScanSetupINI.dll, SetupINICtrl) used by OfficeScan Web deployment. The flaw affects OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client/Server/Messag...
CVE-2006-1380
ISNTSmtp directory in Trend Micro InterScan Messaging Security Suite IMSS 5.5 build 1183 and possibly other versions before 5.7.0.1121, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying ISNTSysMonitor.exe...
Trend Micro IMSS Console Management Detection
The remote host appears to run Trend Micro Interscan Messaging Security Suite, connections are allowed to the web console management. Make sure that only authorized hosts can connect to this service, as the information of its existence may help an attacker to make more sophisticated attacks again...
GAIM 0.75 Remote overflows
Background Gaim is a multi-platform and multi-protocol instant messaging client. It is compatible with AIM , ICQ, MSN Messenger, Yahoo, IRC, Jabber, Gadu-Gadu, and the Zephyr networks. Description Yahoo changed the authentication methods to their IM servers, rendering GAIM useless. The GAIM team...