MS12-070: Vulnerability in SQL Server Could Allow Elevation of Privilege (2754849)

The remote host has a version of Microsoft SQL Server installed. This version of SQL Server is running SQL Server Reporting Services SRSS, that is affected by a cross-site scripting XSS vulnerability that could allow elevation of privileges. Successful exploitation could allow an attacker to...

CVE-2009-2489

Unspecified vulnerability in the utdmsession program in Sun Ray Server Software SRSS 4.0 allows local users to access the sessions of arbitrary users via unknown vectors...

CVE-2009-2489

Technical details for CVE-2009-2489 are not publicly provided in the connected documents. The references describe an unspecified local-access vulnerability in Sun Ray Server Software 4.0 but do not specify affected versions, exploitation vectors, or fixes. Monitor for updates.

CVE-2009-2491

The CVE-2009-2491 entry describes a vulnerability in the utaudiod daemon of Sun Ray Server Software (SRSS) 4.0 where, with Solaris Trusted Extensions enabled, local users could access other users’ sessions via unknown vectors related to resource leaks. The available sources (NVD/NVD mirror) confi...

CVE-2002-2036

Sun Ray Server Software (SRSS) 1.3 with Non-Smartcard Mobility (NSCM) enabled is affected. The issue allows remote attackers to log in as another user by running dtlogin on a system with XDMCP client support, indicating a network-exposed authentication bypass via XDMCP/X11 components. The core de...

CVE-2004-0701

The affected product is Sun Ray Server Software (SRSS) 1.3 and 2.0 running on Solaris 2.6, 7, or 8. The issue is that SRSS does not reliably detect a smartcard removal when the card is quickly removed, reinserted, and removed again, which can leave a user session logged in and allow local users t...