CVE-2007-2354

Progress Webspeed Messenger allows remote attackers to obtain sensitive information via a WService parameter containing "wsbroker1/webutil/about.r", which reveals the operating system and product information...

CVE-2007-2354

CVE-2007-2354 affects Progress Webspeed Messenger. The vulnerability arises from a WService parameter containing “wsbroker1/webutil/about.r” that can disclose operating system and product information to remote attackers, constituting an information-disclosure issue. The connected documents confir...

CVE-2007-2354

Progress Webspeed Messenger allows remote attackers to obtain sensitive information via a WService parameter containing "wsbroker1/webutil/about.r", which reveals the operating system and product information...

Code injection

Progress Webspeed Messenger allows remote attackers to read, create, modify, and execute arbitrary files by invoking webutil/cpyfile.p in the WService parameter to 1 cgiip.exe or 2 wsisa.dll in scripts/, as demonstrated by using the save,editor options to create a new file using the fileName...

CVE-2007-2266

Progress Webspeed Messenger allows remote attackers to read, create, modify, and execute arbitrary files by invoking webutil/cpyfile.p in the WService parameter to 1 cgiip.exe or 2 wsisa.dll in scripts/, as demonstrated by using the save,editor options to create a new file using the fileName...

CVE-2007-2266

Progress Webspeed Messenger is affected by a vulnerability where an attacker can remotely read, create, modify, and execute arbitrary files by invoking webutil/_cpyfile.p in the WService parameter to (1) cgiip.exe or (2) wsisa.dll in scripts/, as demonstrated through the save, editor options usin...

CVE-2007-2266

Progress Webspeed Messenger allows remote attackers to read, create, modify, and execute arbitrary files by invoking webutil/cpyfile.p in the WService parameter to 1 cgiip.exe or 2 wsisa.dll in scripts/, as demonstrated by using the save,editor options to create a new file using the fileName...