9 matches found
EUVD-2012-6456
Malware in sbrugna...
CVE-2012-6609
Directory traversal vulnerability in agetlog.cgi in Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote attackers to read arbitrary files via a .. dot dot in the name parameter...
CVE-2012-6609
CVE-2012-6609 is a directory traversal in Polycom HDX Video Endpoints (before 3.0.4) and UC APL (before 2.7.1.J). An attacker can read arbitrary files by supplying .. in the name parameter via a_getlog.cgi. The NVD entry reports CVSSv2 base score 5.0 (MEDIUM) and CVSSv3.1 base score 7.5 (HIGH), w...
CVE-2012-6609
Directory traversal vulnerability in agetlog.cgi in Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote attackers to read arbitrary files via a .. dot dot in the name parameter...
CVE-2012-6610
CVE-2012-6610 affects Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J. The vulnerability is a command injection that allows remote authenticated users to execute arbitrary commands via the ping feature, demonstrated by using a semicolon to inject commands. Evidence from multip...
CVE-2012-6610
Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote authenticated users to execute arbitrary commands as demonstrated by a ; semicolon to the ping command feature...
Polycom® HDX® Video End Points Web Management Cross Site Scripting (XSS) vulnerability
Polycom® HDX® Video End Points Web Management Cross Site Scripting XSS vulnerability: - CVE: CVE-2012-4970 - Deloitte Argentina Advisory Code: DTTAR-20120001 - Vendor Status: CONFIRMED - Public Disclosure Date: December, 23rd, 2012. - Vendors Affected: Polycom - http://www.polycom.com/ - Systems...
Polycom HDX Video End Points crossite scripting
Crossite scripting in web management interface...
CVE-2012-4970
CVE-2012-4970 is a cross-site scripting (XSS) vulnerability in the web management interface of Polycom HDX Video End Points. Affected software includes UC APL prior to 2.7.1_J and commercial prior to 3.0.5. Polycom fixed the issue starting with commercial build 3.0.5 and UC APL 2.7.1.1_J; the spe...