16 results (0.003 seconds)

CVSS: 9.3EPSS: 20%CPEs: 4EXPL: 2

Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. NOTE: some of these details are obtained from third party information. Vulnerabilidad sin especificar en el módulo pdf.xmd en (1) BitDefender Free Edition 10 y Antivirus Standard 10, (2) BullGuard Internet Security v8.5, y (3) Software602 Groupware Server v6.0.08.1118, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código de su elección a través de un archivo PDF manipulado, seguramente relacionado con la inclusión de flujos comprimidos que son procesados con el filtro ASCIIHexDecode. NOTA: algunos de éstos detalles han sido obtenidos a partir de terceros. • https://www.exploit-db.com/exploits/7178 http://milw0rm.com/sploits/2008-BitDefenderDOS.zip http://osvdb.org/50010 http://osvdb.org/50103 http://osvdb.org/50205 http://secunia.com/advisories/27805 http://secunia.com/advisories/32789 http://secunia.com/advisories/32814 http://www.securityfocus.com/bid/32396 https://exchange.xforce.ibmcloud.com/vulnerabilities/46750 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 10%CPEs: 1EXPL: 0

Stack-based buffer overflow in smtpdll.dll in the SMTP service in 602Pro LAN SUITE 2003 2003.0.03.0828 allows remote attackers to execute arbitrary code via an e-mail message with a long address. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Desbordamiento de búfer basado en pila en smtpdll.dll en el servicio SMTP en 602Pro LAN SUITE 2003 2003.0.03.0828 permite a atacantes remotos ejecutar código de su elección a través de un mensaje de correo electrónico con una dirección larga. NOTA: El origen de esta información es desconocido; los detalles son obtenidos solamente de información de terceras partes. • http://osvdb.org/37232 http://secunia.com/advisories/25429 http://www.kb.cert.org/vuls/id/445313 http://www.securityfocus.com/bid/24437 https://exchange.xforce.ibmcloud.com/vulnerabilities/34834 https://exchange.xforce.ibmcloud.com/vulnerabilities/34974 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 2

The web server control panel in 602LAN SUITE 2004 allows remote attackers to make it more difficult for the administrator to read portions of log files via a "</pre><!-" sequence in an HTTP GET request in the logon, possibly due to a cross-site scripting (XSS) vulnerability. • http://rgod.altervista.org/602_en.html http://securitytracker.com/id?1014105 •

CVSS: 6.4EPSS: 27%CPEs: 1EXPL: 3

Directory traversal vulnerability in the mail program in 602LAN SUITE 2004.0.05.0413 allows remote attackers to cause a denial of service and determine the presence of arbitrary files via .. sequences in the A parameter. • https://www.exploit-db.com/exploits/25621 http://secunia.com/advisories/15231 http://www.osvdb.org/16069 •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 2

Directory traversal vulnerability in 602LAN SUITE 2004.0.04.1221 allows remote authenticated users to upload and execute arbitrary files via a .. (dot dot) in the filename parameter. • https://www.exploit-db.com/exploits/25092 http://marc.info/?l=bugtraq&m=110793103506620&w=2 http://secunia.com/advisories/14169 http://securitytracker.com/id?1013106 http://www.security.org.sg/vuln/602lansuite1221.html https://exchange.xforce.ibmcloud.com/vulnerabilities/19258 •