16 matches found
EUVD-2011-2071
Malware in sbrugna...
EUVD-2011-2072
Malware in sbrugna...
EUVD-2014-5258
Malware in sbrugna...
BlueDragon 6.2.1 / 7.0 / 7.1 Cross Site Scripting
I. VULNERABILITY BlueDragon 6.2.1, 7.0, 7.1 Reflected Cross-Site Scripting II. SOURCE: http://www.newatlanta.com/c/products/bluedragon/download/home III. BACKGROUND BlueDragon is a family of runtime server-side products for the deployment of ColdFusion Markup Language CFML pages - with native...
CVE-2014-5370
Directory traversal vulnerability in the CFChart servlet com.naryx.tagfusion.cfm.cfchartServlet in New Atlanta BlueDragon before 7.1.1.18527 allows remote attackers to read or possibly delete arbitrary files via a .. dot dot in the QUERYSTRING to cfchart.cfchart...
Directory traversal
Directory traversal vulnerability in the CFChart servlet com.naryx.tagfusion.cfm.cfchartServlet in New Atlanta BlueDragon before 7.1.1.18527 allows remote attackers to read or possibly delete arbitrary files via a .. dot dot in the QUERYSTRING to cfchart.cfchart...
BlueDragon CFChart Servlet 7.1.1.17759 - Arbitrary File Retrieval/Deletion
Vulnerability title: Arbitrary File Retrieval + Deletion In New Atlanta BlueDragon CFChart Servlet CVE: CVE-2014-5370 Vendor: New Atlanta Product: BlueDragon CFChart Servlet Affected version: 7.1.1.17759 Fixed version: 7.1.1.18527 Reported by: Mike Westmacott Details: The CFChart servlet of...
BlueDragon CFChart Servlet 7.1.1.17759 - Arbitrary File RetrievalDeletion
BlueDragon CFChart Servlet 7.1.1.17759 - Arbitrary File RetrievalDeletion Vulnerability title: Arbitrary File Retrieval + Deletion In New Atlanta BlueDragon CFChart Servlet CVE: CVE-2014-5370 Vendor: New Atlanta Product: BlueDragon CFChart Servlet Affected version: 7.1.1.17759 Fixed version:...
BlueDragon CFChart Servlet 7.1.1.17759 Directory Traversal
Vulnerability title: Arbitrary File Retrieval + Deletion In New Atlanta BlueDragon CFChart Servlet CVE: CVE-2014-5370 Vendor: New Atlanta Product: BlueDragon CFChart Servlet Affected version: 7.1.1.17759 Fixed version: 7.1.1.18527 Reported by: Mike Westmacott Details: The CFChart servlet of...
CVE-2011-2078
Multiple cross-site scripting XSS vulnerabilities in the New Atlanta BlueDragon administrative interface in MediaCAST 8 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2011-2077
The default configuration of the New Atlanta BlueDragon administrative interface in MediaCAST 8 and earlier enables external TCP connections to port 10000, instead of connections only from 127.0.0.1, which makes it easier for remote attackers to have an unspecified impact via a TCP session...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the New Atlanta BlueDragon administrative interface in MediaCAST 8 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Default configuration
The default configuration of the New Atlanta BlueDragon administrative interface in MediaCAST 8 and earlier enables external TCP connections to port 10000, instead of connections only from 127.0.0.1, which makes it easier for remote attackers to have an unspecified impact via a TCP session...
CVE-2011-2077
The default configuration of the New Atlanta BlueDragon administrative interface in MediaCAST 8 and earlier enables external TCP connections to port 10000, instead of connections only from 127.0.0.1, which makes it easier for remote attackers to have an unspecified impact via a TCP session...
CVE-2011-2078
Technical details (affected product/versions, root cause, exploitability) are not publicly provided in the supplied documents. Monitor for updates from these sources.
CVE-2011-2077
The CVE-2011-2077 entry concerns the default configuration of the New Atlanta BlueDragon administrative interface in MediaCAST 8 and earlier, which allows external TCP connections to port 10000 instead of restricting to 127.0.0.1. This misconfiguration enables remote TCP sessions and is described...