38 matches found
wolfram.com XSS vulnerability
Vulnerable URL: http://www.wolfram.com/support/contact/email/?source="%3E%3Csvg/onload=alert'OPENBUGBOUNTY'%3E' Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 4304 VIP website...
wolfram.com XSS vulnerability
Vulnerable URL: http://wolfram.com/broadcast/video.php?sx="...
demonstrations.wolfram.com XSS vulnerability
Open Bug Bounty ID: OBB-64563 Description| Value ---|--- Affected Website:| demonstrations.wolfram.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Preventi...
Wolfram Research webMathematica 4.0 File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5035/info Wolfram Research's webMathematica is a Java based product which allows the inclusion of Mathematica content in a web environment. It includes CGI programs which generate image content based on user supplied inpu...
Mathematica8.0.4 on Linux /tmp/MathLink vulnerability
The problem reported for Mathematica became worse at version 8.0.4, present for the command-line interface "math" also. Cheers, Paul Szabo [email protected] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia ---...
Mathematica Arbitrary File Overwriting Vulnerability (Linux)
The host is running Mathematica and is prone to arbitrary file overwriting vulnerability. OpenVAS Vulnerability Test $Id: secpodmathematicasymlinkvulnlin.nasl 5394 2017-02-22 09:22:42Z teissa $ Mathematica Arbitrary File Overwriting Vulnerability Linux Authors: Sooraj KS Copyright: Copyright c 20...
Mathematica Arbitrary File Overwriting Vulnerability - Linux
Mathematica is prone to arbitrary file overwriting vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mathematica Symlink Attack
"If you're doing anything technical, think Mathematica --..." http://www.wolfram.com/products/mathematica/index.html Mathematica7 on Linux uses the /tmp/MathLink directory in insecure ways. Mathematica creates or re-uses an existing /tmp/MathLink directory, and overwrites files within and follows...
CVE-2009-4812
Wolfram Research webMathematica allows remote attackers to obtain sensitive information via a direct request to the MSP script, which reveals the installation path in an error message...
CVE-2009-4814
Cross-site scripting XSS vulnerability in Wolfram Research webMathematica allows remote attackers to inject arbitrary web script or HTML via the URI to the MSP script...
Information disclosure
Wolfram Research webMathematica allows remote attackers to obtain sensitive information via a direct request to the MSP script, which reveals the installation path in an error message...
Cross site scripting
Cross-site scripting XSS vulnerability in Wolfram Research webMathematica allows remote attackers to inject arbitrary web script or HTML via the URI to the MSP script...
CVE-2009-4812
CVE-2009-4812 affects Wolfram Research WebMathematica. An unauthenticated remote attacker can cause the MSP script to disclose the installation path in an error message, resulting in information disclosure. No remediation details are provided in the supplied documents. Exploitation status is not ...
CVE-2009-4814
CVE-2009-4814 describes a cross-site scripting (XSS) vulnerability in Wolfram Research WebMathematica, allowing remote attackers to inject arbitrary web script or HTML via the URI to the MSP script. The documents identify the affected component as the WebMathematica MSP script handling URI input,...
EUVD-2002-0917
Directory traversal vulnerability in Wolfram Research webMathematica 1.0.0 and 1.0.0.1 allows remote attackers to read arbitrary files via a .. dot dot in the MSPStoreID parameter...
CVE-2002-0926
The CVE-2002-0926 issue affects Wolfram Research webMathematica 1.0.0 and 1.0.0.1. A directory-traversal vulnerability allows remote attackers to read arbitrary files by manipulating the MSPStoreID parameter. The CERT/CC entry corroborates that reading arbitrary files is possible via absolute pat...
Directory Traversal in Wolfram Research's webMathematica
Security Advisory By Andrew Badr ----------------- SUMMARY: There is a vulnerability in the webMathematica software which allows remote clients web surfers to read an arbitrary file on the server assuming the httpd-user has permission. This can reveal sensitive information such as that stored in...
[SECURITY] [DSA-060-1] fetchmail buffer overflow
Package : fetchmail Problem type : buffer overflow Debian-specific: no Wolfram Kleff found a problem in fetchmail: it would crash when processing emails with extremely long headers. The problem was a buffer overflow in the header parser which could be exploited. This has been fixed in version...