4 results (0.002 seconds)

CVSS: 6.5EPSS: 1%CPEs: 1EXPL: 0

Multiple stack-based buffer overflows in the ServerView web interface (SnmpGetMibValues.exe) in Fujitsu Siemens Computers ServerView 04.60.07 and earlier allow remote authenticated users to execute arbitrary code via a crafted URL. Múltiples desbordamientos de búfer basados en pila del interfaz web ServerView (SnmpGetMibValues.exe) en Fujitsu Siemens Computers ServerView 04.60.07 y anteriores permiten a usuarios remotos autenticados ejecutar código arbitrariamente a través de una URL manipulada. • http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063043.html http://secunia.com/advisories/30913 http://www.securityfocus.com/bid/30081 http://www.vupen.com/english/advisories/2008/2007/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43611 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 2%CPEs: 33EXPL: 3

The DBAsciiAccess CGI Script in the web interface in Fujitsu-Siemens Computers ServerView before 4.50.09 allows remote attackers to execute arbitrary commands via shell metacharacters in the Servername subparameter of the ParameterList parameter. La secuencia de comandos CGI DBAsciiAccess en el interfaz Web de Fujitsu-Siemens Computers ServerView anterior a 4.50.09 permite a atacantes remotos ejecutar comandos de su elección mediante metacaracteres de consola (shell) en el subparámetro Servername del parámetro ParameterList. Fujitsu-Siemens ServerView suffers from a remote command execution vulnerability. Full details provided. Versions below 4.50.09 are affected. • https://www.exploit-db.com/exploits/30264 http://osvdb.org/37835 http://secunia.com/advisories/25944 http://securityreason.com/securityalert/2858 http://www.redteam-pentesting.de/advisories/rt-sa-2007-002.php http://www.securityfocus.com/archive/1/472800/100/0/threaded http://www.securityfocus.com/bid/24762 http://www.vupen.com/english/advisories/2007/2441 https://exchange.xforce.ibmcloud.com/vulnerabilities/35257 •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

Directory traversal vulnerability in Fujitsu ServerView 2.50 up to 3.60L98 and 4.10L11 up to 4.11L81 allows remote attackers to read arbitrary files via unspecified vectors. Vulnerabilidad de salto de directorio en Fujitsu ServerView 2.50 hasta el 3.60L98 y 4.10L11 hasta el 4.11L81 permite a atacantes remotos leer archivos de su elección a través de vectores no especificados. • http://jvn.jp/jp/JVN%2373368472/index.html http://jvn.jp/jp/JVN%2376686161/index.html http://secunia.com/advisories/21011 http://software.fujitsu.com/jp/security/vulnerabilities/jvn-73368472-76686161.html http://www.osvdb.org/27106 http://www.securityfocus.com/bid/18950 •

CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0

Cross-site scripting (XSS) vulnerability in Fujitsu ServerView 2.50 up to 3.60L98 and 4.10L11 up to 4.11L81 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencia de comandos en sitios cruzados (XSS) en Fujitsu ServerView 2.50 hasta la 3.60L98 y 4.10L11 hasta la 4.11L81 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://jvn.jp/jp/JVN%2373368472/index.html http://jvn.jp/jp/JVN%2376686161/index.html http://secunia.com/advisories/21011 http://software.fujitsu.com/jp/security/vulnerabilities/jvn-73368472-76686161.html http://www.osvdb.org/27105 http://www.securityfocus.com/bid/18950 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •