5 results (0.009 seconds)

CVSS: 4.3EPSS: 7%CPEs: 5EXPL: 0

The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service via an unspecified series of RPC requests (aka Trace Event Messages) that triggers an out-of-bounds memory access, related to an erroneous object reference. El servicio Shared Trace (también se conoce como OVTrace) en HP Performance Agent versión C.04.70 (4.70), HP OpenView Performance Agent versiones C.04.60 y C.04.61, HP Reporter versión 3.8 y HP OpenView Reporter versión 3.7 (Informe 3.70), permite a los atacantes remotos causar una denegación de servicio por medio de una serie no especificada de peticiones RPC (también se conoce como Mensajes de Eventos de Rastreo) que desencadena un acceso de memoria fuera de límites, relacionado con una referencia de objeto errónea. • http://marc.info/?l=bugtraq&m=122876677518654&w=2 http://marc.info/?l=bugtraq&m=122876827120961&w=2 http://secunia.com/advisories/27054 http://secunia.com/secunia_research/2007-83 http://securityreason.com/securityalert/4501 http://www.securityfocus.com/archive/1/497648/100/0/threaded http://www.securityfocus.com/bid/31860 http://www.securitytracker.com/id?1021092 http://www.vupen.com/english/advisories/2008/2888 https://exchange.xforce.ibmcloud.com/vulnerabilities/46028 •

CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 2

PHP remote file inclusion vulnerability in processor/reporter.sql.php in the Reporter Mambo component (com_reporter) allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. Vulnerabilidad de inclusión remota de archivo en PHP en processor/reporter.sql.php en el componente Reporter de Mambo (com_reporter) permite a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro mosConfig_absolute_path. • https://www.exploit-db.com/exploits/28396 http://securityreason.com/securityalert/1419 http://www.securityfocus.com/archive/1/443373/100/0/threaded http://www.securityfocus.com/bid/19553 https://exchange.xforce.ibmcloud.com/vulnerabilities/28412 •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 1

templates.admin.users.user_form_processing in Blue Coat Reporter before 7.1.2 allows authenticated users to gain administrator privileges via an HTTP POST that sets volatile.user.administrator to true. • https://www.exploit-db.com/exploits/25697 http://marc.info/?l=bugtraq&m=111695726810435&w=2 http://secunia.com/advisories/15452 http://www.bluecoat.com/support/knowledge/advisory_reporter_711_vulnerabilities.html http://www.osvdb.org/16763 http://www.securityfocus.com/bid/13723 http://www.vupen.com/english/advisories/2005/0589 •

CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 1

Unknown vulnerability in Blue Coat Reporter before 7.1.2 allows remote unauthenticated attackers to add a license. • https://www.exploit-db.com/exploits/25698 http://secunia.com/advisories/15452 http://www.bluecoat.com/support/knowledge/advisory_reporter_711_vulnerabilities.html http://www.osvdb.org/16764 http://www.securityfocus.com/bid/13725 http://www.vupen.com/english/advisories/2005/0589 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in Blue Coat Reporter before 7.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) the username in an Add User window or (2) the license key (volatile.license_to_add parameter) in the Licensing page. • http://marc.info/?l=bugtraq&m=111695726810435&w=2 http://secunia.com/advisories/15452 http://www.bluecoat.com/support/knowledge/advisory_reporter_711_vulnerabilities.html http://www.osvdb.org/16765 http://www.osvdb.org/16766 http://www.vupen.com/english/advisories/2005/0589 •