7 matches found
Code injection
Unspecified vulnerability on the TANDBERG Video Communication Server VCS before X5.0 allows remote attackers to execute arbitrary code via unknown vectors, aka Reference ID 69773...
CVE-2010-1356
Unspecified vulnerability on the TANDBERG Video Communication Server VCS before X5.0 allows remote attackers to execute arbitrary code via unknown vectors, aka Reference ID 69773...
Code injection
The SSH service on the TANDBERG Video Communication Server VCS before X5.1 uses a fixed DSA key, which makes it easier for remote attackers to conduct man-in-the-middle attacks and spoof arbitrary servers via crafted SSH packets...
Cross site scripting
Cross-site scripting XSS vulnerability on the TANDBERG Video Communication Server VCS before X5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Reference ID 66316...
CVE-2010-1355
Cross-site scripting XSS vulnerability on the TANDBERG Video Communication Server VCS before X5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Reference ID 66316...
CVE-2009-4511
Multiple directory traversal vulnerabilities in the web administration interface on the TANDBERG Video Communication Server VCS before X5.1 allow remote authenticated users to read arbitrary files via a .. dot dot in the page parameter to 1 helppage.php or 2 user/helppage.php...
CVE-2009-4510
The CVE-2009-4510 issue affects TANDBERG Video Communication Server (VCS) firmware where SSH services ship with a fixed DSA host key prior to X5.1. This hard-coded key enables remote attackers to perform server impersonation and man-in-the-middle attacks on SSH connections, potentially yielding s...