Lucene search

K

Netegrity Security Vulnerabilities

cve
cve

CVE-2005-10001

A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical. Affected by this issue is the file /siteminderagent/pwcgi/smpwservicescgi.exe of the component Login. The manipulation of the argument target leads to an open redirect. The exploit has been disclosed to the...

6.1CVSS

6.7AI Score

0.001EPSS

2022-03-28 09:15 PM
27
cve
cve

CVE-2003-1312

siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder places a session ID string in the value of the SMSESSION parameter in a URL, which might allow remote attackers to obtain the ID by sniffing, reading Referer logs, or other...

7AI Score

0.004EPSS

2006-12-15 07:00 PM
15
cve
cve

CVE-2003-1311

siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder does not ensure that the TARGET parameter names a valid redirection resource, which allows remote attackers to construct a URL that might trick users into visiting an arbitrary web site referenced by this...

6.9AI Score

0.004EPSS

2006-12-15 07:00 PM
25
cve
cve

CVE-2001-1455

Netegrity SiteMinder 3.6 through 4.5.1 allows remote attackers to bypass filtering via URLs containing Unicode...

7.2AI Score

0.007EPSS

2005-04-21 04:00 AM
28
cve
cve

CVE-2004-0425

Heap-based buffer overflow in SiteMinder Affiliate Agent 4.x allows remote attackers to execute arbitrary code via a large SMPROFILE...

8.1AI Score

0.035EPSS

2004-08-18 04:00 AM
32
cve
cve

CVE-2004-0672

Multiple cross-site scripting (XSS) vulnerabilities in the primary and management web interfaces in Netegrity IdentityMinder Web Edition 5.6 allows remote attackers to execute script as other users via (1) script that starts with %00 in the numOfExpressions parameter or (2) the mobjtype...

6.4AI Score

0.007EPSS

2004-08-06 04:00 AM
22
cve
cve

CVE-2000-0850

Netegrity SiteMinder before 4.11 allows remote attackers to bypass its authentication mechanism by appending "$/FILENAME.ext" (where ext is .ccc, .class, or .jpg) to the requested...

7.4AI Score

0.006EPSS

2001-01-22 05:00 AM
18