CVE-2015-0931

Ektron Content Management System CMS 8.5 and 8.7 before 8.7sp2 and 9.0 before sp1, when the Saxon XSLT parser is used, allows remote attackers to execute arbitrary code via a crafted XSLT document, related to a "resource injection" issue...

Design/Logic Flaw

Ektron Content Management System CMS 8.5 and 8.7 before 8.7sp2 and 9.0 before sp1, when the Saxon XSLT parser is used, allows remote attackers to execute arbitrary code via a crafted XSLT document, related to a "resource injection" issue...

CVE-2015-0931

Ektron Content Management System CMS 8.5 and 8.7 before 8.7sp2 and 9.0 before sp1, when the Saxon XSLT parser is used, allows remote attackers to execute arbitrary code via a crafted XSLT document, related to a "resource injection" issue...

IBM DB2 9.7 < Fix Pack 9 Multiple Vulnerabilities

According to its version, the installation of IBM DB2 9.7 running on the remote host is prior to Fix Pack 9. It is, therefore, affected by one or more of the following vulnerabilities : - The included software, GSKit, contains several errors related to SSL and TLS that can result in denial of...

Google Appliance ProxyStyleSheet Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Google...

Google Appliance ProxyStyleSheet Command Execution

This module exploits a feature in the Saxon XSLT parser used by the Google Search Appliance. This feature allows for arbitrary java methods to be called. Google released a patch and advisory to their client base in August of 2005 GA-2005-08-m. The target appliance must be able to connect back to...

CVE-2005-3757

The Saxon XSLT parser in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to obtain sensitive information and execute arbitrary code via dangerous Java class methods in select attribute of xsl:value-of tags in XSLT style sheets, such as 1 system-property...

CVE-2005-3757

The CVE-2005-3757 issue affects the Saxon XSLT parser used by Google Mini Search Appliance (and possibly Google Search Appliance). The vulnerability arises from dangerous Java methods (system-property, sys:getProperty, run:exec) in the select attribute of xsl:value-of in XSLT style sheets, enabli...

CVE-2005-3757

The Saxon XSLT parser in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to obtain sensitive information and execute arbitrary code via dangerous Java class methods in select attribute of xsl:value-of tags in XSLT style sheets, such as 1 system-property...

CVE-2005-3757

Removed by vendor...

[Full-disclosure] Google Search Appliance proxystylesheet Flaws

This document can be found online at: - http://metasploit.com/research/vulns/googleproxystylesheet/ Title: Google Search Appliance proxystylesheet Flaws Release Date: November 21, 2005 Patch Date: August 16, 2005 Reported Date: June 10, 2005 Vendor: Google Systems Affected: Google Mini Search...

Google Search Appliance proxystylesheet XSLT Java Code Execution

Exploit for hardware platform in category remote exploits ================================================================ Google Search Appliance proxystylesheet XSLT Java Code Execution ================================================================ This file is part of the Metasploit Framewor...

Google Search Appliance proxystylesheet XSLT Java Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artisti...

Google Search Appliance - proxystylesheet XSLT Java Code Execution (Metasploit)

This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...

Google Search Appliance - proxystylesheet XSLT Java Code Execution (Metasploit)

Google Search Appliance - proxystylesheet XSLT Java Code Execution Metasploit This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license a...

google.pm.txt

This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...