Lucene search

K

Visionsoft Security Vulnerabilities

cve
cve

CVE-2007-4150

The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 uses weak cryptography (XOR) when (1) transmitting passwords, which allows remote attackers to obtain sensitive information by sniffing the network; and (2) storing passwords in the configuration file, which allows local...

7.5CVSS

7.3AI Score

0.001EPSS

2007-08-03 08:17 PM
24
cve
cve

CVE-2007-4148

Heap-based buffer overflow in the Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 allows remote attackers to cause a denial of service (persistent daemon crashes) or execute arbitrary code via a long filename in a "LOG."...

8.1AI Score

0.031EPSS

2007-08-03 08:17 PM
26
cve
cve

CVE-2007-4151

The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 allows remote attackers to obtain sensitive information via (1) a LOG.ON command, which reveals the logging pathname in the server response; (2) a VER command, which reveals the version number in the server response; and...

7.3AI Score

0.011EPSS

2007-08-03 08:17 PM
24
cve
cve

CVE-2007-4149

The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 does not require authentication for (1) the "LOG." command, which allows remote attackers to create or overwrite arbitrary files; (2) the SETTINGSFILE command, which allows remote attackers to overwrite the ini file, and...

8AI Score

0.036EPSS

2007-08-03 08:17 PM
20
cve
cve

CVE-2007-4152

The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 allows remote attackers to conduct replay attacks by capturing and resending data from the DETAILS and PROCESS sections of a session that schedules an...

7.5AI Score

0.01EPSS

2007-08-03 08:17 PM
28