18 matches found
EUVD-2007-6477
Malware in sbrugna...
EUVD-2010-5103
Malware in sbrugna...
EUVD-2007-6279
Malware in sbrugna...
CVE-2010-5144
The ISAPI Filter plug-in in Websense Enterprise, Websense Web Security, and Websense Web Filter 6.3.3 and earlier, when used in conjunction with a Microsoft ISA or Microsoft Forefront TMG server, allows remote attackers to bypass intended filtering and monitoring activities for web traffic via an...
K000139692: Websense vulnerabilities CVE-2006-2035 and CVE-2010-5144
Security Advisory Description CVE-2006-2035 Websense, when configured to permit access to the dynamic content category, allows local users to bypass intended blocking of the Uncategorized category by appending a "/?" sequence to a URL. CVE-2010-5144 The ISAPI Filter plug-in in Websense Enterprise...
CVE-2008-7312
The Filtering Service in Websense Enterprise 5.2 through 6.3 does not consider the IP address during URL categorization, which makes it easier for remote attackers to bypass filtering via an HTTP request, as demonstrated by a request to a compromised server associated with a specific IP address...
Design/Logic Flaw
The ISAPI Filter plug-in in Websense Enterprise, Websense Web Security, and Websense Web Filter 6.3.3 and earlier, when used in conjunction with a Microsoft ISA or Microsoft Forefront TMG server, allows remote attackers to bypass intended filtering and monitoring activities for web traffic via an...
CVE-2010-5144
The CVE-2010-5144 issue affects the ISAPI Filter plug-in used with Websense Enterprise, Websense Web Security, and Websense Web Filter (versions 6.3.3 and earlier) when deployed behind Microsoft ISA or Forefront TMG. The vulnerability allows remote attackers to bypass intended filtering and monit...
Design/Logic Flaw
The Websense Reporter Module in Websense Enterprise 6.3.2 stores the SQL database system administrator password in plaintext in CreateDbInstall.log, which allows local users to gain privileges to the database...
CVE-2008-4646
The CVE concerns the Websense Reporter Module in Websense Enterprise 6.3.2. Affected component: Websense Reporter Module; vulnerability: the SQL database system administrator password is stored in plaintext in CreateDbInstall.log. Root cause: credentials are written to a log file, exposing the pa...
Design/Logic Flaw
Websense Enterprise 6.3.1 allows remote attackers to bypass content filtering by visiting http URLs with a 1 RealPlayer G2, 2 MSMSGS, or 3 StoneHttpAgent User-Agent header, which results in a Non-HTTP categorization...
Cross site scripting
Cross-site scripting XSS vulnerability in the logon page in Web Reporting Tools portal in Websense Enterprise and Web Security Suite 6.3 allows remote attackers to inject arbitrary web script or HTML via the username field...
CVE-2007-6312
Cross-site scripting XSS vulnerability in the logon page in Web Reporting Tools portal in Websense Enterprise and Web Security Suite 6.3 allows remote attackers to inject arbitrary web script or HTML via the username field...
CVE-2007-6312
CVE-2007-6312 is an XSS vulnerability in the login page of Websense’s Web Reporting Tools portal (Websense Enterprise/Web Security Suite 6.3). The issue arises because the username field is not properly sanitized, allowing remote attackers to inject arbitrary script or HTML via that input. Affect...
CVE-2007-6312
Cross-site scripting XSS vulnerability in the logon page in Web Reporting Tools portal in Websense Enterprise and Web Security Suite 6.3 allows remote attackers to inject arbitrary web script or HTML via the username field...
VSR Advisory: WebSense content filter bypass when deployed in conjunction with Cisco filtering devices
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Virtual Security Research, LLC. http://www.vsecurity.com/ Security Advisory - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: WebSense content filter bypass when deployed in conjunction with Cisco filtering...
Websense Enterprise 45 - Blocked Sites Cross-Site Scripting
Websense Enterprise 45 - Blocked Sites Cross-Site Scripting source: https://www.securityfocus.com/bid/9149/info Websense Enterprise displays error pages for blocked sites without sufficiently sanitizing HTML and script code from the blocked site URI. This could allow for cross-site scripting...
Websense Enterprise 4/5 - Blocked Sites Cross-Site Scripting
source: https://www.securityfocus.com/bid/9149/info Websense Enterprise displays error pages for blocked sites without sufficiently sanitizing HTML and script code from the blocked site URI. This could allow for cross-site scripting attacks if a victim user visits a link to a blocked site that...