2 matches found
CVE-2007-1083
The CVE-2007-1083 issue affects the VeriSign Configuration Checker ActiveX control (VSCnfChk.dll, version 2.0.0.2) used in VeriSign PKI products. The Nessus entry confirms a stack/buffer overflow in VerCompare() that can allow remote code execution when a user is tricked into loading a crafted we...
CVE-2006-1344
CVE-2006-1344 describes a cross-site scripting (XSS) flaw in VeriSign’s haydn.exe CGI used by MPKI 6.0. The vulnerability stems from lack of input validation in the VHTML_FILE parameter, allowing an attacker to inject arbitrary HTML/JavaScript that is returned to the user’s browser. CORE Security...