Lucene search
+L

978 matches found

securityvulns
securityvulns
added 2011/02/14 12:0 a.m.62 views

ASPR #2011-02-11-1: Remote Binary Planting in Adobe Reader

=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2011-02-11-1 ------------------------------------------------------------------------- ASPR 2011-02-11-1: Remote Binary Planting in Adobe Reader...

6.9CVSS9.6AI score0.00673EPSS
Exploits0
nvd
nvd
added 2011/01/19 5:0 p.m.23 views

CVE-2010-4429

Unspecified vulnerability in the Agile Core component in Oracle Supply Chain Products Suite 9.3.0.2 and 9.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Web Client, a different vulnerability than CVE-2010-3505...

3.5CVSS5.4AI score0.01031EPSS
Exploits0References6
prion
prion
added 2011/01/19 5:0 p.m.20 views

Code injection

Unspecified vulnerability in the Agile Core component in Oracle Supply Chain Products Suite 9.3.0.2 and 9.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Web Client, a different vulnerability than CVE-2010-3505...

3.5CVSS5.6AI score0.01031EPSS
Exploits0References6Affected Software1
cvelist
cvelist
added 2011/01/19 4:0 p.m.23 views

CVE-2010-4429

Unspecified vulnerability in the Agile Core component in Oracle Supply Chain Products Suite 9.3.0.2 and 9.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Web Client, a different vulnerability than CVE-2010-3505...

5.4AI score0.01031EPSS
Exploits0References6
nvd
nvd
added 2010/12/29 6:0 p.m.21 views

CVE-2010-4600

Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1, allows remote attackers to read cookies by navigating to a Dojo file, related to an "open direct" issue...

5CVSS6.3AI score0.01229EPSS
Exploits0References3
nvd
nvd
added 2010/12/29 6:0 p.m.16 views

CVE-2010-4602

The Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1 allows remote authenticated users to bypass "restricted user" limitations, and read arbitrary records, via a modified record number in the URL for a RECORD action, as demonstrated by a modified bookmark...

4CVSS6.1AI score0.0115EPSS
Exploits1References4
cve
cve
added 2010/12/29 5:27 p.m.50 views

CVE-2010-4602

IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1 contains a web client vulnerability that allows remote authenticated users to bypass the “restricted user” restrictions and read arbitrary records by modifying the record number in the URL for a RECORD action (e.g., via a b...

4CVSS6.3AI score0.0115EPSS
Exploits1References4Affected Software1
cvelist
cvelist
added 2010/12/29 5:27 p.m.19 views

CVE-2010-4602

The Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1 allows remote authenticated users to bypass "restricted user" limitations, and read arbitrary records, via a modified record number in the URL for a RECORD action, as demonstrated by a modified bookmark...

6.1AI score0.0115EPSS
Exploits1References4
cve
cve
added 2010/12/29 5:27 p.m.51 views

CVE-2010-4600

CVE-2010-4600 affects IBM Rational ClearQuest Web Client using Dojo Toolkit: versions 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1 expose cookie data to remote attackers who navigate to a Dojo file via an related “open direct” issue. The vulnerability is an information disclosure in the Dojo...

5CVSS6.5AI score0.01229EPSS
Exploits0References3Affected Software2
securityvulns
securityvulns
added 2010/11/10 12:0 a.m.70 views

ASPR #2010-11-10-3: Remote Binary Planting in Microsoft Excel 2010

=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2010-11-10-3 ------------------------------------------------------------------------- ASPR 2010-11-10-3: Remote Binary Planting in Microsoft Excel 2010...

9.3CVSS0.11139EPSS
Exploits0
nessus
nessus
added 2010/11/03 12:0 a.m.12 views

Web Client Detection

Binary data 5697.prm...

7.3AI score
Exploits0
nessus
nessus
added 2010/08/25 12:0 a.m.16 views

Serv-U < 10.2.0.0

According to its banner, the installed version of Serv-U is earlier than 10.2.0.0 and is, therefore, potentially affected by the following issues : - It is possible to create a directory, when using virtual paths and various combinations of permissions, where the end-user does not have permission...

5.5AI score
Exploits0References1
securityvulns
securityvulns
added 2010/08/19 12:0 a.m.141 views

ACROS Security: Remote Binary Planting in Apple iTunes for Windows &#40;ASPR #2010-08-18-1&#41;

=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2010-08-18-1 ------------------------------------------------------------------------- ASPR 2010-08-18-1: Remote Binary Planting in Apple iTunes for Windows...

1.1AI score
Exploits0
nessus
nessus
added 2010/08/18 12:0 a.m.15 views

Serv-U < 10.2.0.0 Multiple Vulnerabilities

Binary data 5635.prm...

7.3AI score
Exploits0References1
redhat
redhat
added 2010/08/04 9:30 p.m.5 views

httpd: Expect header XSS

httpprotocol.c in 1 IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and 2 Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site...

4.3CVSS7.1AI score0.94926EPSS
Exploits7References4
nessus
nessus
added 2010/08/02 12:0 a.m.38 views

Wing FTP Server < 3.6.1 Multiple Flaws

According to its banner, the remote host is running a version of Wing FTP Server earlier than 3.6.1. Such versions are reportedly affected by multiple issues : - An unspecified issue in the SSH implementation could allow an authenticated attacker to trigger a denial of service condition. - An...

5.6AI score
Exploits0References1
nvd
nvd
added 2010/05/26 6:30 p.m.25 views

CVE-2009-4873

Stack-based buffer overflow in the HTTP server in Rhino Software Serv-U Web Client 9.0.0.5 allows remote attackers to cause a denial of service server crash or execute arbitrary code via a long Session cookie...

10CVSS8AI score0.20553EPSS
Exploits1References4
cve
cve
added 2010/05/26 6:0 p.m.56 views

CVE-2009-4873

CVE-2009-4873 describes a stack-based buffer overflow in the HTTP server of Rhino Software Serv-U Web Client 9.0.0.5, exploitable via a long Session cookie to cause a denial of service or arbitrary code execution. Multiple connected sources confirm the vulnerability, with OpenVAS and Nessus notin...

10CVSS8.3AI score0.20553EPSS
Exploits1References4Affected Software1
securityvulns
securityvulns
added 2010/04/14 12:0 a.m.51 views

ACROS Security: Remote Binary Planting in VMware Tools for Windows &#40;ASPR #2010-04-12-1&#41;

=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2010-04-12-1 ------------------------------------------------------------------------- ASPR 2010-04-12-1: Remote Binary Planting in VMware Tools for Windows...

0.5AI score
Exploits0
checkpoint_advisories
checkpoint_advisories
added 2010/01/31 12:0 a.m.3 views

Rhino Software Serv-U Web Client HTTP Request Remote Buffer Overflow

A code execution vulnerability exists in Rhino Software Serv-U. The vulnerability is due to a buffer overflow that can occur when Servu-U Web Client handles overly large HTTP requests. Remote attackers could exploit this vulnerability by sending a malicious HTTP request to a vulnerable version of...

7.9AI score
Exploits0
Rows per page
Query Builder