3 results (0.004 seconds)

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

Cross-site scripting (XSS) vulnerability in the HTTP Server in IBM OS/400 V5R3M0 and V5R4M0 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en HTTP Server de IBM OS/400 V5R3M0 y V5R4M0. permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de la cabecera Expect HTTP. • http://secunia.com/advisories/28744 http://www-1.ibm.com/support/docview.wss?uid=nas22f5a0f082f6821c4862573e10041f7bd http://www.securityfocus.com/bid/27595 http://www.vupen.com/english/advisories/2008/0397 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 5%CPEs: 8EXPL: 0

IBM OS/400 (aka i5/OS) V4R2M0 through V5R3M0 on iSeries machines sends responses to TCP SYN-FIN packets, which allows remote attackers to obtain system information and possibly bypass firewall rules. IBM OS/400 (también conocido como i5/OS) V4R2M0 hasta V5R3M0 en máquinas iSeries envía respuestas a paquetes TCP SYN-FIN, lo cual permite a atacantes remotos obtener información sensible y posiblemente evitar reglas de cortafuegos. • http://osvdb.org/37792 http://secunia.com/advisories/25885 http://www-1.ibm.com/support/docview.wss?uid=nas2742405285431729b86256e620067dc17 http://www.securityfocus.com/bid/24706 https://exchange.xforce.ibmcloud.com/vulnerabilities/35173 •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

Multiple unspecified vulnerabilities in osp-cert in IBM OS/400 V5R3M0 have unspecified impact and attack vectors, related to ASN.1 parsing. Múltiples vulnerabilidades no especificadas en osp-cert en IBM OS/400 V5R3M tienen un impacto no especificado y vectores de ataque, realcionado con el análisis ASN.1 • http://secunia.com/advisories/22978 http://www-1.ibm.com/support/docview.wss?uid=nas38b2ee8e7abe99d0b86256eb600477b8c http://www-1.ibm.com/support/search.wss?rs=0&q=MA29469&apar=only http://www.securityfocus.com/bid/21189 •