Lucene search
+L
WebsenseWebsense Web Security

11 matches found

cve
cve
added 2012/08/23 10:0 a.m.64 views

CVE-2009-5120

Summary: CVE-2009-5120 concerns Websense Web Security 7.0 / Web Filter 7.0 using Apache Tomcat. The default Tomcat configuration in Websense Manager allows TCP connections to port 1812 from arbitrary source IPs, which is described as enabling cross-site scripting (XSS) via UTF-7 text to the 404 e...

4.3CVSS6AI score0.00942EPSS
cve
cve
added 2012/08/23 10:0 a.m.61 views

CVE-2009-5119

CVE-2009-5119 involves the default configuration of Apache Tomcat in Websense Web Security 7.0 and Websense Web Filter 7.0. The issue is that weak SSL ciphers are enabled in conf/server.xml, potentially allowing remote attackers to obtain sensitive information by sniffing network traffic and then...

4.3CVSS6.3AI score0.01078EPSS
cve
cve
added 2012/08/23 10:0 a.m.57 views

CVE-2010-5144

The CVE-2010-5144 issue affects the ISAPI Filter plug-in used with Websense Enterprise, Websense Web Security, and Websense Web Filter (versions 6.3.3 and earlier) when deployed behind Microsoft ISA or Forefront TMG. The vulnerability allows remote attackers to bypass intended filtering and monit...

4.3CVSS6.9AI score0.01489EPSS
cve
cve
added 2012/08/23 10:0 a.m.55 views

CVE-2010-5147

The CVE-2010-5147 entry affects Websense Web Security and Web Filter: remote filtering component before 6.3.3 Hotfix 18 and before 7.1.1. The flaw allows remote attackers to cause a denial of service (daemon exit) by sending a large volume of traffic. Affected component is the Remote Filtering mo...

5CVSS6.9AI score0.01218EPSS
cve
cve
added 2012/08/23 10:0 a.m.51 views

CVE-2011-5102

The connected Nessus plugin details a remote command-execution path for Websense Triton/Web Security products affected by CVE-2011-5102, specifically: Websense Triton 7.1.x versions before 7.1.3, 7.5.x before 7.5.3, 7.6.0 before 7.6.1, and 7.6.2 before 7.6.3. The vulnerability stems from improper...

7.5CVSS7.5AI score0.03511EPSS
cve
cve
added 2012/08/23 10:0 a.m.49 views

CVE-2010-5148

CVE-2010-5148 affects Websense Web Security and Web Filter prior to 7.1 Hotfix 21. The vulnerability is that the Encrypted Session (SSL) cookie is not marked Secure in HTTPS sessions, enabling potential interception of the cookie over HTTP. No exploitation details are provided in the connected do...

5CVSS6.7AI score0.01354EPSS
cve
cve
added 2012/08/23 10:0 a.m.49 views

CVE-2012-4604

The CVE-2012-4604 issue affects the TRITON management console in Websense Web Security prior to 7.6 Hotfix 24. An authentication bypass vulnerability allows remote attackers to read arbitrary reports by tampering with cookies containing a crafted uid field and a crafted userRoles field, as demons...

4.3CVSS7.1AI score0.01341EPSS
cve
cve
added 2012/08/26 7:0 p.m.47 views

CVE-2009-5132

CVE-2009-5132 affects Websense Filtering Service in Web Security and Web Filter prior to 6.3.1 Hotfix 106 and prior to 7.1 (7.x). The flaw allows remote attackers to cause a denial-of-service (filtering outage) by sending a crafted URL. Impact is partial availability disruption as described; expl...

5CVSS6.8AI score0.0125EPSS
cve
cve
added 2012/08/23 10:0 a.m.47 views

CVE-2010-5145

CVE-2010-5145 affects Websense Web Security and Web Filter prior to 6.3.1 Hotfix 136 and 7.x prior to 7.1.1 on Windows. The vulnerability allows remote attackers to cause a denial of service (filtering outage) by sending a crafted sequence of characters in a URI. The issue is rooted in the Filter...

4.3CVSS6.8AI score0.01321EPSS
cve
cve
added 2012/08/23 10:0 a.m.43 views

CVE-2010-5149

CVE-2010-5149 affects Websense Web Security and Web Filter. The vulnerability exists in the URL handling of Websense products prior to 6.3.3 Hotfix 27 and 7.x prior to 7.1.1, where processing a long URL can trigger a remote DoS (Blue Coat appliance integration outage). The connected documents con...

5CVSS6.8AI score0.01553EPSS
cve
cve
added 2012/08/23 10:0 a.m.41 views

CVE-2010-5146

The CVE-2010-5146 entry concerns Websense Web Security and Web Filter prior to 7.1 Hotfix 66. The vulnerability is a local bypass in the Remote Filtering component, where a user can bypass filtering by (1) renaming the WDC.exe file or (2) deleting driver files. Documents specify affected componen...

2.1CVSS6.6AI score0.00386EPSS