CVSS: 10.0EPSS: 44%CPEs: 1EXPL: 1CVE-2007-1685 – Blue Coat Systems K9 Web Protection 32.36 - Remote Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2007-1685
08 Jun 2007 — Buffer overflow in k9filter.exe in BlueCoat K9 Web Protection 3.2.36, and probably other versions before 3.2.44, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 2372. Desbordamiento de búfer en k9filter.exe de BlueCoat K9 Web Protection 3.2.36, y probablemente otras versiones anteriores a 3.2.44, permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante un... • https://www.exploit-db.com/exploits/30163 •
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 0CVE-2007-0796
https://notcve.org/view.php?id=CVE-2007-0796
06 Feb 2007 — Blue Coat Systems WinProxy 6.1a and 6.0 r1c, and possibly earlier, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long HTTP CONNECT request, which triggers heap corruption. Blue Coat Systems WinProxy 6.1a y 6.0 r1c, y posiblemente anteriores, permite a atacantes remotos provocar una denegación de servicio (caída del demonio) o posiblemente ejecutar código de su elección mediante una petición HTTP CONNECT larga, lo cual provoca la corrupción de la... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=471 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2006-0578
https://notcve.org/view.php?id=CVE-2006-0578
08 Feb 2006 — Blue Coat Proxy Security Gateway OS (SGOS) 4.1.2.1 does not enforce CONNECT rules when using Deep Content Inspection, which allows remote attackers to bypass connection filters. Blue Coat Proxy Security Gateway OS (SGOS) 4.1.2.1 no impone reglas CONNECT cuando se usa Deep Content Inspection, lo que permite a atacantes remotos evitar filtros de conexión. • http://secunia.com/advisories/18622 •
CVSS: 9.8EPSS: 77%CPEs: 20EXPL: 3CVE-2005-4085 – BlueCoat WinProxy 6.0 R1c - 'Host' Remote Stack Overflow (SEH)
https://notcve.org/view.php?id=CVE-2005-4085
31 Dec 2005 — Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header. • https://www.exploit-db.com/exploits/1408 •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 1CVE-2005-3187 – BlueCoat WinProxy 6.0 R1c - GET Denial of Service
https://notcve.org/view.php?id=CVE-2005-3187
31 Dec 2005 — The listening daemon in Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) via a long HTTP request that causes an out-of-bounds read. • https://www.exploit-db.com/exploits/1409 •
CVSS: 9.8EPSS: 3%CPEs: 19EXPL: 0CVE-2005-3654
https://notcve.org/view.php?id=CVE-2005-3654
31 Dec 2005 — Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of packets with 0xFF characters to the Telnet port (TCP 23), which corrupts the heap. • http://secunia.com/advisories/18288 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2005-1708 – Blue Coat Reporter 7.0/7.1 - Privilege Escalation
https://notcve.org/view.php?id=CVE-2005-1708
24 May 2005 — templates.admin.users.user_form_processing in Blue Coat Reporter before 7.1.2 allows authenticated users to gain administrator privileges via an HTTP POST that sets volatile.user.administrator to true. • https://www.exploit-db.com/exploits/25697 •
CVSS: 9.1EPSS: 3%CPEs: 1EXPL: 1CVE-2005-1709 – Blue Coat Reporter 7.0/7.1 - License HTML Injection
https://notcve.org/view.php?id=CVE-2005-1709
24 May 2005 — Unknown vulnerability in Blue Coat Reporter before 7.1.2 allows remote unauthenticated attackers to add a license. • https://www.exploit-db.com/exploits/25698 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2005-1710
https://notcve.org/view.php?id=CVE-2005-1710
24 May 2005 — Multiple cross-site scripting (XSS) vulnerabilities in Blue Coat Reporter before 7.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) the username in an Add User window or (2) the license key (volatile.license_to_add parameter) in the Licensing page. • http://marc.info/?l=bugtraq&m=111695726810435&w=2 •
CVSS: 7.5EPSS: 5%CPEs: 252EXPL: 0CVE-2004-0079
https://notcve.org/view.php?id=CVE-2004-0079
18 Mar 2004 — The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. La función do_change_cipher_spec en OpenSSL 0.9.6c hasta 0.9.6.k y 0.9.7a hasta 0.9.7c permite que atacantes remotos provoquen una denegación de servicio (caída) mediante una hábil unión SSL/TLS que provoca un puntero nulo. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc • CWE-476: NULL Pointer Dereference •