CVSS: 6.2EPSS: 11%CPEs: 10EXPL: 0CVE-2012-1462
https://notcve.org/view.php?id=CVE-2012-1462
21 Mar 2012 — The ZIP file parser in AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, Norman Antivirus 6.06.12, Sophos Anti-Virus 4.61.0, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a ZIP file cont... • http://www.ieee-security.org/TC/SP2012/program.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 1%CPEs: 12EXPL: 0CVE-2012-1463
https://notcve.org/view.php?id=CVE-2012-1463
21 Mar 2012 — The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be... • http://osvdb.org/80426 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 1%CPEs: 5EXPL: 0CVE-2009-2631
https://notcve.org/view.php?id=CVE-2009-2631
04 Dec 2009 — Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix Access Gateway; and other products, when running in configurations that do not restrict access to the same domain as the VPN, retrieve the content of remote URLs from one domain and rewrite them so they originate from the VPN's domain, which violates the same origin... • http://kb.juniper.net/KB15799 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2008-5528
https://notcve.org/view.php?id=CVE-2008-5528
12 Dec 2008 — Aladdin eSafe 7.0.17.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. Aladdin eSafe v7.0.17.0, cuando se utiliza Internet Explorer 6 o 7, permite a atacantes remotos eludir la detección de malware en un documento HTML c... • http://securityreason.com/securityalert/4723 • CWE-20: Improper Input Validation •
CVSS: 7.2EPSS: 0%CPEs: 20EXPL: 0CVE-2004-0967 – temporary file vulnerabilities in various ghostscript scripts.
https://notcve.org/view.php?id=CVE-2004-0967
20 Oct 2004 — The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs) package in Trustix Secure Linux 1.5 through 2.1, and other operating systems, allow local users to overwrite files via a symlink attack on temporary files. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.19/SCOSA-2006.19.txt • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2003-1449
https://notcve.org/view.php?id=CVE-2003-1449
31 Dec 2003 — Aladdin Knowlege Systems eSafe Gateway 3.5.126.0 does not check the entire stream of Content Vectoring Protocol (CVP) data, which allows remote attackers to bypass virus protection. • http://archives.neohapsis.com/archives/bugtraq/2003-02/0088.html • CWE-16: Configuration •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0363
https://notcve.org/view.php?id=CVE-2002-0363
29 May 2002 — ghostscript before 6.53 allows attackers to execute arbitrary commands by using .locksafe or .setsafe to reset the current pagedevice. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-026.0.txt •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1353
https://notcve.org/view.php?id=CVE-2001-1353
18 Sep 2001 — ghostscript before 6.51 allows local users to read and write arbitrary files as the 'lp' user via the file operator, even with -dSAFER enabled. • http://archives.neohapsis.com/archives/hp/2001-q4/0069.html •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 2CVE-2001-0519 – Aladdin Knowledge Systems eSafe Gateway 3.0 - HTML tag Script-filtering Bypass
https://notcve.org/view.php?id=CVE-2001-0519
27 Jul 2001 — Aladdin eSafe Gateway versions 2.x allows a remote attacker to circumvent HTML SCRIPT filtering via a special arrangement of HTML tags which includes SCRIPT tags embedded within other SCRIPT tags. • https://www.exploit-db.com/exploits/20890 •
CVSS: 9.1EPSS: 2%CPEs: 1EXPL: 2CVE-2001-0520 – eSafe Gateway 2.1 - Script-filtering Bypass
https://notcve.org/view.php?id=CVE-2001-0520
27 Jul 2001 — Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent filtering of SCRIPT tags by embedding the scripts within certain HTML tags including (1) onload in the BODY tag, (2) href in the A tag, (3) the BUTTON tag, (4) the INPUT tag, or (5) any other tag in which scripts can be defined. • https://www.exploit-db.com/exploits/20869 •