CVSS: 5.0EPSS: 0%CPEs: 12EXPL: 0CVE-2010-5147
https://notcve.org/view.php?id=CVE-2010-5147
The Remote Filtering component in Websense Web Security and Web Filter before 6.3.3 Hotfix 18 and 7.x before 7.1.1 allows remote attackers to cause a denial of service (daemon exit) via a large volume of traffic. El componente Remote Filtering en Websense Web Security y Web Filter v6.3.3 anterior a Hotfix 18 y v7.x anterior a v7.1.1 permite a atacantes remotos provocar una denegación de servicio (salida del demonio) a través de un gran volumen de tráfico. • http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf •
CVSS: 5.0EPSS: 0%CPEs: 12EXPL: 0CVE-2010-5149
https://notcve.org/view.php?id=CVE-2010-5149
Websense Web Security and Web Filter before 6.3.3 Hotfix 27 and 7.x before 7.1.1 allow remote attackers to cause a denial of service (Blue Coat appliance integration outage) via a long URL. Websense Web Security y Web Filter anterior a v6.3.3 Hotfix 27 y v7.x anterior a v7.1.1 permite a atacantes remotos causar una denegación de servicio (Blue Coat appliance integration outage) a través de una URL larga. • http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/78341 •
CVSS: 2.1EPSS: 0%CPEs: 12EXPL: 0CVE-2010-5146
https://notcve.org/view.php?id=CVE-2010-5146
The Remote Filtering component in Websense Web Security and Web Filter before 7.1 Hotfix 66 allows local users to bypass filtering by (1) renaming the WDC.exe file or (2) deleting driver files. El componente Remote Filtering en Websense Web Security y Web Filter v7.1 anterior a Hotfix 66 permite a usuarios locales eludir el filtrado por (1) el renombrado de WDC.exe o (2) borrar los ficheros del controlador. • http://www.websense.com/content/support/library/web/v711/ws711_known_issues/first.aspx http://www.websense.com/content/support/library/web/v711/ws711_known_issues/ws711_known_issues.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/78344 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 0CVE-2011-5102
https://notcve.org/view.php?id=CVE-2011-5102
The Investigative Reports web interface in the TRITON management console in Websense Web Security 7.1 before Hotfix 109, 7.1.1 before Hotfix 06, 7.5 before Hotfix 78, 7.5.1 before Hotfix 12, 7.6 before Hotfix 24, and 7.6.2 before Hotfix 12; Web Filter; Web Security Gateway; and Web Security Gateway Anywhere allows remote attackers to execute commands via unspecified vectors. La interfaz web de informes de investigación en la consola de gestión TRITON en Websense Web Security v7.1 before Hotfix 109, v7.1.1 before Hotfix 06, v7.5 anterior al parche v78, 7.5.1 anterior al parche v12, 7.6 anterior al parche v24, y v7.6.2 anterior al parche v12; Web Filter; Web Security Gateway; y Web Security Gateway Anywhere permite a atacantes remotos ejecutar comandos a través de vectores no especificados. • http://www.websense.com/support/article/kbarticle/v7-1-1-About-Hotfix-06-for-Web-Security-Web-Filter-and-Web-Security-Gateway http://www.websense.com/support/article/kbarticle/v7-1-About-Hotfix-109-for-Websense-Web-Security-Web-Filter-and-Web-Security-Gateway http://www.websense.com/support/article/kbarticle/v7-5-1-About-Hotfix-12-for-Websense-Web-Security-Web-Filter-Web-Security-Gateway-and-Web-Security-Gateway-Anywhere http://www.websense.com/support/article/kbarticle/v7-5-About-Hotfix-78-for-Websense • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 1CVE-2012-4604
https://notcve.org/view.php?id=CVE-2012-4604
The TRITON management console in Websense Web Security before 7.6 Hotfix 24 allows remote attackers to bypass authentication and read arbitrary reports via a crafted uid field, in conjunction with a crafted userRoles field, in a cookie, as demonstrated by a request to explorer_wse/favorites.exe. La consola de gestión de TRITON en Websense Web Security anterior a v7.6 Hotfix 24 permite a atacantes remotos saltarse la autenticación y leer informes arbitrarios a través de un campo uid manipulado, en conjunción con un campo userRoles manipulado, en una (cookie), como se demuestra por medio de una solicitud a explorer_wse/favorites.exe. • http://www.securityfocus.com/archive/1/522530 • CWE-287: Improper Authentication •