10 matches found
CVE-2024-39334
MENDELSON AS4 before 2024 B376 has a client-side vulnerability when a trading partner provides prepared XML data. When a victim opens the details of this transaction in the client, files can be written to the computer on which the client process is running. The server process is not affected...
EUVD-2004-2469
Malware in sbrugna...
EUVD-2015-5039
Malware in sbrugna...
CVE-2024-39334
MENDELSON AS4 before 2024 B376 has a client-side vulnerability when a trading partner provides prepared XML data. When a victim opens the details of this transaction in the client, files can be written to the computer on which the client process is running. The server process is not affected...
CVE-2015-5022
IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.32, when access by guests is enabled, place an internal hostname and a payload path in a response, which allows remote authenticated users to obtain sensitive information ...
Design/Logic Flaw
IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.32, when access by guests is enabled, place an internal hostname and a payload path in a response, which allows remote authenticated users to obtain sensitive information ...
CVE-2015-5022
IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.32, when access by guests is enabled, place an internal hostname and a payload path in a response, which allows remote authenticated users to obtain sensitive information ...
CVE-2004-2478
The CVE-2004-2478 entry concerns Jetty HTTP Server in affected products (IBM Trading Partner Interchange < 4.2.4; CA Unicenter Web Services Distributed Management
CVE-2004-2478
Unspecified vulnerability in Jetty HTTP Server, as used in 1 IBM Trading Partner Interchange before 4.2.4, 2 CA Unicenter Web Services Distributed Management WSDM before 3.11, and possibly other products, allows remote attackers to read arbitrary files via a .. dot dot in the URL...
CVE-2004-2478
Unspecified vulnerability in Jetty HTTP Server, as used in 1 IBM Trading Partner Interchange before 4.2.4, 2 CA Unicenter Web Services Distributed Management WSDM before 3.11, and possibly other products, allows remote attackers to read arbitrary files via a .. dot dot in the URL...