3 matches found
EUVD-2012-4927
Malware in sbrugna...
Design/Logic Flaw
nxapplet.jar in No Machine NX Web Companion 3.x and earlier does not properly verify the authenticity of updates, which allows user-assisted remote attackers to execute arbitrary code via a crafted 1 SiteUrl or 2 RedirectUrl parameter that points to a Trojan Horse client.zip update file...
CVE-2012-5003
nxapplet.jar in No Machine NX Web Companion 3.x and earlier does not properly verify the authenticity of updates, which allows user-assisted remote attackers to execute arbitrary code via a crafted 1 SiteUrl or 2 RedirectUrl parameter that points to a Trojan Horse client.zip update file...