28 matches found
EUVD-2002-0710
Malware in sbrugna...
EUVD-2002-0711
Malware in sbrugna...
Microsoft Content Management Server fails to properly process crafted HTTP requests
Overview A vulnerability in the way Microsoft Content Managment Server handles HTTP requests may lead to execution of arbitrary code. Description Microsoft Content Managment Server CMS contains a vulnerability that could be exploited when it attempts to process specially crafted HTTP requests...
Cross site scripting
Cross-site scripting XSS vulnerability in Microsoft Content Management Server MCMS 2001 SP1 and 2002 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving HTML redirection queries, aka "Cross-site Scripting and Spoofing Vulnerability."...
Memory corruption
Microsoft Content Management Server MCMS 2001 SP1 and 2002 SP2 does not properly handle certain characters in a crafted HTTP GET request, which allows remote attackers to execute arbitrary code, aka the "CMS Memory Corruption Vulnerability."...
CVE-2007-0938
Microsoft Content Management Server MCMS 2001 SP1 and 2002 SP2 does not properly handle certain characters in a crafted HTTP GET request, which allows remote attackers to execute arbitrary code, aka the "CMS Memory Corruption Vulnerability."...
CVE-2007-0939
CVE-2007-0939 is an XSS vulnerability in Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2. The issue arises from MCMS not fully validating input in HTML redirect queries, allowing remote attackers to inject script or HTML that runs in a user’s browser. Exploitation requires user i...
Microsoft Content Management Server multiple security vulnerabilities
Crossite scripting, memory corruption...
Microsoft Content Management Server Cross-Site Scripting Vulnerability
Description Microsoft Content Management Server MCMS is prone to an unspecified cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...
Microsoft Content Management Server Remote Code Execution Vulnerability
Description Microsoft Content Management Server MCMS is prone to an arbitrary code-execution vulnerability because the software fails to properly validate user-supplied input. Exploiting this issue allows remote attackers to execute arbitrary machine code on affected computers with the privileges...
Microsoft Security Bulletin MS07-018 Vulnerabilities in Microsoft Content Management Server Could Allow Remote Code Execution (925939)
Microsoft Security Bulletin MS07-018 Vulnerabilities in Microsoft Content Management Server Could Allow Remote Code Execution 925939 Published: April 10, 2007 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Content Management Server Impact of Vulnerability: Remote...
CVE-2003-0002
Cross-site scripting vulnerability XSS in ManualLogin.asp script for Microsoft Content Management Server MCMS 2001 allows remote attackers to execute arbitrary script via the REASONTXT parameter...
CVE-2002-0700
Buffer overflow in a system function that performs user authentication for Microsoft Content Management Server MCMS 2001 allows attackers to execute code in the Local System context by authenticating to a web page that calls the function, aka "Unchecked Buffer in MDAC Function Could Enable SQL...
CVE-2002-0718
CVE-2002-0718 affects Microsoft Content Management Server (MCMS) 2001. The vulnerability lies in the Web authoring function, allowing an attacker to authenticate and upload executable content by modifying the upload location (Program Execution via MCMS Authoring Function). Related data in the con...
CVE-2002-0700
This CVE concerns Microsoft Content Management Server (MCMS) 2001, where a buffer overflow in the Profile Service (an MDAC-related function used during user authentication) can allow an attacker to execute code in the Local System context by authenticating to a vulnerable web page. The issue is c...
CVE-2002-0719
SQL injection vulnerability in the function that services for Microsoft Content Management Server MCMS 2001 allows remote attackers to execute arbitrary commands via an MCMS resource request for image files or other files...
CVE-2002-0718
Web authoring command in Microsoft Content Management Server MCMS 2001 allows attackers to authenticate and upload executable content, by modifying the upload location, aka "Program Execution via MCMS Authoring Function."...
Microsoft Content Management Server (MCMS) 2001 Multiple Remote Vulnerabilities
The remote host is running Microsoft Content Management Server. There is a buffer overflow in the Profile Service that could allow an attacker to execute arbitrary code on this host. C Tenable Network Security, Inc. Supercedes MS02-010 Thanks to Dave Aitel for the details. include"compat.inc"; if...
CVE-2003-0002
Cross-site scripting vulnerability XSS in ManualLogin.asp script for Microsoft Content Management Server MCMS 2001 allows remote attackers to execute arbitrary script via the REASONTXT parameter...
Microsoft Content Management Server crossite scripting
Crossite scripting in ManualLogin.asp...