CVE-2009-4812

Wolfram Research webMathematica allows remote attackers to obtain sensitive information via a direct request to the MSP script, which reveals the installation path in an error message...

EUVD-2009-4775

Malware in sbrugna...

Wolfram Research webMathematica 4.0 File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5035/info Wolfram Research's webMathematica is a Java based product which allows the inclusion of Mathematica content in a web environment. It includes CGI programs which generate image content based on user supplied inpu...

Information disclosure

Wolfram Research webMathematica allows remote attackers to obtain sensitive information via a direct request to the MSP script, which reveals the installation path in an error message...

Cross site scripting

Cross-site scripting XSS vulnerability in Wolfram Research webMathematica allows remote attackers to inject arbitrary web script or HTML via the URI to the MSP script...

CVE-2009-4814

Cross-site scripting XSS vulnerability in Wolfram Research webMathematica allows remote attackers to inject arbitrary web script or HTML via the URI to the MSP script...

CVE-2009-4812

Wolfram Research webMathematica allows remote attackers to obtain sensitive information via a direct request to the MSP script, which reveals the installation path in an error message...

CVE-2009-4812

CVE-2009-4812 affects Wolfram Research WebMathematica. An unauthenticated remote attacker can cause the MSP script to disclose the installation path in an error message, resulting in information disclosure. No remediation details are provided in the supplied documents. Exploitation status is not ...

CVE-2009-4814

CVE-2009-4814 describes a cross-site scripting (XSS) vulnerability in Wolfram Research WebMathematica, allowing remote attackers to inject arbitrary web script or HTML via the URI to the MSP script. The documents identify the affected component as the WebMathematica MSP script handling URI input,...

CVE-2002-0926

The CVE-2002-0926 issue affects Wolfram Research webMathematica 1.0.0 and 1.0.0.1. A directory-traversal vulnerability allows remote attackers to read arbitrary files by manipulating the MSPStoreID parameter. The CERT/CC entry corroborates that reading arbitrary files is possible via absolute pat...

EUVD-2002-0917

Directory traversal vulnerability in Wolfram Research webMathematica 1.0.0 and 1.0.0.1 allows remote attackers to read arbitrary files via a .. dot dot in the MSPStoreID parameter...

Directory Traversal in Wolfram Research's webMathematica

Security Advisory By Andrew Badr ----------------- SUMMARY: There is a vulnerability in the webMathematica software which allows remote clients web surfers to read an arbitrary file on the server assuming the httpd-user has permission. This can reveal sensitive information such as that stored in...