34 matches found
EUVD-2018-18050
Malware in sbrugna...
EUVD-2018-18052
Malware in sbrugna...
EUVD-2013-5867
Malware in sbrugna...
EUVD-2018-18051
Malware in sbrugna...
EUVD-2018-18049
Malware in sbrugna...
Kaspersky Secure Mail Gateway Configuration File Injection Vulnerability
Kaspersky Secure Mail Gateway is an email security solution from Russia's Kaspersky Lab. The program is able to automatically filter spam, phishing sites and various malicious attachments. A security vulnerability exists in Kaspersky Secure Mail Gateway version 1.1. An attacker can exploit the...
Kaspersky Secure Mail Gateway Cross-Site Request Forgery Vulnerability
Kaspersky Secure Mail Gateway is an email security solution from Russia's Kaspersky Lab. The program is able to automatically filter spam, phishing sites and various malicious attachments. A cross-site request forgery vulnerability exists in Kaspersky Secure Mail Gateway version 1.1. A remote...
CVE-2018-6291
WebConsole Cross-Site Scripting in Kaspersky Secure Mail Gateway version 1.1...
CVE-2018-6290
Local Privilege Escalation in Kaspersky Secure Mail Gateway version 1.1...
CVE-2018-6288
Cross-site Request Forgery leading to Administrative account takeover in Kaspersky Secure Mail Gateway version 1.1...
Cross site scripting
WebConsole Cross-Site Scripting in Kaspersky Secure Mail Gateway version 1.1...
CVE-2018-6288
Cross-site Request Forgery leading to Administrative account takeover in Kaspersky Secure Mail Gateway version 1.1...
Cross site request forgery (csrf)
Cross-site Request Forgery leading to Administrative account takeover in Kaspersky Secure Mail Gateway version 1.1...
Design/Logic Flaw
Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1...
CVE-2018-6289
Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1...
CVE-2018-6291
WebConsole Cross-Site Scripting in Kaspersky Secure Mail Gateway version 1.1...
Privilege escalation
Local Privilege Escalation in Kaspersky Secure Mail Gateway version 1.1...
CVE-2018-6288
Kaspersky Secure Mail Gateway 1.1.0.379 Web Management Console has multiple CSRF/CONFIG injection flaws described by CORE-2017-0010: CVE-2018-6288 enables admin takeover via missing anti-CSRF tokens; CVE-2018-6289 injects Postfix config to run commands as root; CVE-2018-6290 uses a setuid binary ...
CVE-2018-6289
Kaspersky Secure Mail Gateway 1.1.0.379 has a Web Management Console vulnerability (CVE-2018-6289) that allows configuration-file injection into /etc/postfix/main.cf, enabling arbitrary commands to execute as root. The Core Security advisory CORE-2017-0010 details that adding a crafted BCC addres...
CVE-2018-6289
Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1...