51 matches found
EUVD-2009-1078
Malware in sbrugna...
EUVD-2010-3542
Malware in sbrugna...
EUVD-2008-5093
Malware in sbrugna...
EUVD-2008-0251
Malware in sbrugna...
EUVD-2008-0252
Malware in sbrugna...
EUVD-2009-1085
Malware in sbrugna...
EUVD-2008-5096
Malware in sbrugna...
CVE-2009-1079
Multiple cross-site scripting XSS vulnerabilities in Sun Java System Identity Manager IdM 7.0 through 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs 19659, 19660, and 19683...
CVE-2009-1081
Multiple cross-site scripting XSS vulnerabilities in Sun Java System Identity Manager IdM 7.0 through 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs 19595 and 19661...
Sun Java System Identity Manager 6.0/7.0/7.1 /idm/help/index.jsp helpUrl Variable Remote Frame Injection
No description provided by source. source: http://www.securityfocus.com/bid/27214/info Sun Java System Identity Manager is prone to multiple input-validation vulnerabilities, including an HTML-injection issue and cross-site scripting issues, because it fails to adequately sanitize user-supplied...
Sun Java System Identity Manager 6.0/7.x Multiple Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/32262/info Sun Java System Identity Manager is prone to multiple web-interface vulnerabilities, including a cross-site request-forgery issue, multiple cross-site scripting issues, multiple HTML-injection issues, and a...
Sun Java System Identity Manager ext Parameter Arbitrary File Retrieval
The version of Sun Java System Identity Manager hosted on the remote web server fails to sanitize user-supplied input to 'ext' parameter in file 'includes/helpServer.jsp' before using it to display help files. An unauthenticated attacker can exploit this vulnerability to retrieve arbitrary files...
Default credentials
The Change My Password implementation in the admin interface in Sun Java System Identity Manager IdM 7.0 through 8.0 does not enforce the RequiresChallenge property setting, which allows remote authenticated users to change the passwords of other users, as demonstrated by changing the...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Sun Java System Identity Manager IdM 7.0 through 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs 19659, 19660, and 19683...
Code injection
Sun Java System Identity Manager IdM 7.0 through 8.0 does not enforce the expected privilege requirements for 1 deleting audit policies and 2 modifying workflows, which allows remote authenticated users to have an unspecified impact...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Sun Java System Identity Manager IdM 7.0 through 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID 19033...
CVE-2009-1080
Multiple cross-site scripting XSS vulnerabilities in Sun Java System Identity Manager IdM 7.0 through 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID 19033...
Default credentials
Sun Java System Identity Manager IdM 7.0 through 8.0 responds differently to failed use of the Forgot Password feature depending on whether the user account exists, which allows remote attackers to enumerate valid usernames...
CVE-2009-1078
Sun Java System Identity Manager IdM 7.0 through 8.0 does not enforce the expected privilege requirements for 1 deleting audit policies and 2 modifying workflows, which allows remote authenticated users to have an unspecified impact...
CVE-2009-1081
Multiple cross-site scripting XSS vulnerabilities in Sun Java System Identity Manager IdM 7.0 through 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs 19595 and 19661...