Lucene search
K

973 matches found

Cvelist
Cvelist
added 2007/11/01 5:0 p.m.20 views

CVE-2002-2409

Photon microGUI in QNX Neutrino realtime operating system RTOS 6.1.0 and 6.2.0 allows attackers to read user clipboard information via a direct request to the 1.TEXT file in a directory whose name is a hex-encoded user ID...

6.2AI score0.00709EPSS
Exploits0References3
securityvulns
securityvulns
added 2007/10/31 12:0 a.m.50 views

Airkiosk/formlib application is XSS vuln

In the last week I've found a XSS vuln into the Sutra's Airkiosk application for the realtime distribution of flights/booking and check-in interface www.airkiosk.com. The XSS is possible because they are using a VULN/OLD formlib.pl in their application that permits to execute any JavaScript you...

1.3AI score
Exploits0
Packet Storm
Packet Storm
added 2007/07/24 12:0 a.m.37 views

securityreporter-traverse.txt

SECURITYREPORTER - AUTHENTICATION BYPASS AND DIRECTORY TRAVERSAL VULNERABILITY Product: SecurityReporter Version: 4.6.3 Build Date: 04/20/2007 Platform: Win32 Vendor: Secure Computing www.securecomputing.com Product Description ------------------- "SecurityReporter is a security event analysis an...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/07/23 12:0 a.m.48 views

[Full-disclosure] Secure Computing - Security Reporter Auth Bypass and Directory Traversal Vulnerability

SECURITYREPORTER - AUTHENTICATION BYPASS AND DIRECTORY TRAVERSAL VULNERABILITY Product: SecurityReporter Version: 4.6.3 Build Date: 04/20/2007 Platform: Win32 Vendor: Secure Computing www.securecomputing.com Product Description ------------------- "SecurityReporter is a security event analysis an...

7.5AI score
Exploits0
seebug.org
seebug.org
added 2007/06/03 12:0 a.m.20 views

Ignite Realtime Openfire未明特权提升漏洞

Ignite Realtime Openfire是一款实时协作服务程序。 Ignite Realtime Openfire存在多个问题,远程攻击者可以利用漏洞提升特权。 漏洞允许恶意用户通过内置的管理控制台上传代码到Openfire而执行任意指令。目前没有详细漏洞细节提供。 Ignite Realtime Openfire 3.3 升级程序: Ignite Realtime Openfire 3.3 Ignite Realtime openfire-3.3.1-1.i386.rpm...

7.1AI score
Exploits0
NVD
NVD
added 2007/06/01 1:30 a.m.12 views

CVE-2007-2975

The admin console in Ignite Realtime Openfire 3.3.0 and earlier formerly Wildfire does not properly specify a filter mapping in web.xml, which allows remote attackers to gain privileges and execute arbitrary code by accessing functionality that is exposed through DWR, as demonstrated using the...

7.5CVSS7.8AI score0.02541EPSS
Exploits0References5
Prion
Prion
added 2007/06/01 1:30 a.m.13 views

Design/Logic Flaw

The admin console in Ignite Realtime Openfire 3.3.0 and earlier formerly Wildfire does not properly specify a filter mapping in web.xml, which allows remote attackers to gain privileges and execute arbitrary code by accessing functionality that is exposed through DWR, as demonstrated using the...

7.5CVSS8.4AI score0.02541EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2007/06/01 1:0 a.m.17 views

CVE-2007-2975

The admin console in Ignite Realtime Openfire 3.3.0 and earlier formerly Wildfire does not properly specify a filter mapping in web.xml, which allows remote attackers to gain privileges and execute arbitrary code by accessing functionality that is exposed through DWR, as demonstrated using the...

7.8AI score0.02541EPSS
Exploits0References5
CVE
CVE
added 2007/06/01 1:0 a.m.45 views

CVE-2007-2975

CVE-2007-2975 affects Ignite Realtime Openfire 3.3.0 and earlier (Wildfire). The root cause is an improper filter mapping specification in web.xml for the admin console, allowing remote attackers to gain privileges and execute arbitrary code via functionality exposed through DWR (demonstrated usi...

7.5CVSS7.8AI score0.02541EPSS
Exploits0References5Affected Software1
seebug.org
seebug.org
added 2007/02/07 12:0 a.m.28 views

solaris/sparc connect-back (with XNOR encoded session) 600 bytes

No description provided by source. / black-RXenc-con-back-SOLARIS.c MIPS This is a relitivly small 600 byte shellcode that encodes all network trafic between the exploited process and the attacker. All clear-text shell i/o is encoded using a simple NOT algo before being transmitted on the wire...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2006/02/08 12:0 a.m.44 views

[Full-disclosure] iDefense Security Advisory 02.07.06: QNX RTOS 6.3.0 rc.local Insecure File Permissions Vulnerability

QNX RTOS 6.3.0 rc.local Insecure File Permissions Vulnerability iDefense Security Advisory 02.07.06 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=387 February 7, 2006 I. BACKGROUND QNX Software Systems Ltd.'s Neutrino RTOS QNX is a real-time operating system designed for use...

1.2AI score
Exploits0
NVD
NVD
added 2002/12/31 5:0 a.m.15 views

CVE-2002-2039

/bin/su in QNX realtime operating system RTOS 4.25 and 6.1.0 allows local users to obtain sensitive information from core dump files by sending the SIGSERV invalid memory reference signal...

2.1CVSS5.8AI score0.00844EPSS
Exploits1References3
NVD
NVD
added 2002/12/31 5:0 a.m.18 views

CVE-2002-2041

Multiple buffer overflows in realtime operating system RTOS 6.1.0 allows local users to execute arbitrary code via 1 a long ABLANG environment variable in phlocale or 2 a long -u option to pkg-installer...

7.2CVSS7.4AI score0.01237EPSS
Exploits1References5
Rows per page
Query Builder