CVE-2013-4815
https://notcve.org/view.php?id=CVE-2013-4815
Cross-site scripting (XSS) vulnerability in the web interface in HP ArcSight Enterprise Security Manager (ESM) before 5.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad XSS en el interfaz web en HP ArcSight Enterprise Security Manager (ESM) anterior a v5.5 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a través de vectores no especificados. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03901176 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2012-0430
https://notcve.org/view.php?id=CVE-2012-0430
Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote attackers to obtain an administrator cookie and bypass authorization checks via unknown vectors. Una vulnerabilidad no especificada en NetIQ eDirectory v8.8.6.x antes de v8.8.6.7 y v8.8.7.x antes de v8.8.7.2 en Windows permite a atacantes remotos obtener una cookie de administrador y omitir las comprobaciones de autorización a través de vectores desconocidos. • http://www.novell.com/support/kb/doc.php?id=3426981 http://www.novell.com/support/kb/doc.php?id=7011538 http://www.securitytracker.com/id?1027910 https://bugzilla.novell.com/show_bug.cgi?id=772898 •
CVE-2012-0432 – Novell NCP - Remote Command Execution
https://notcve.org/view.php?id=CVE-2012-0432
Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an unspecified impact via unknown vectors. Un desbordamiento de búfer basado en pila en la implementación de Novell NCP en NetIQ eDirectory v8.8.7.x ante v8.8.7.2 permite a atacantes remotos tener un impacto no especificado a través de vectores desconocidos. • https://www.exploit-db.com/exploits/24205 https://www.exploit-db.com/exploits/24323 http://www.novell.com/support/kb/doc.php?id=3426981 https://bugzilla.novell.com/show_bug.cgi?id=785272 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2012-0429
https://notcve.org/view.php?id=CVE-2012-0429
dhost in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote authenticated users to cause a denial of service (daemon crash) via crafted characters in an HTTP request. Dhost en NetIQ eDirectory v8.8.6.x antes de v8.8.6.7 y v8.8.7.x antes de v8.8.7.2 en Windows permite a usuarios remotos autenticados provocar una denegación de servicio (caída del demonio) a través de caracteres extraños en la solicitud HTTP. • http://www.novell.com/support/kb/doc.php?id=3426981 http://www.novell.com/support/kb/doc.php?id=7011533 http://www.securitytracker.com/id?1027912 https://bugzilla.novell.com/show_bug.cgi?id=772895 •
CVE-2012-0428
https://notcve.org/view.php?id=CVE-2012-0428
Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Una vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en NetIQ eDirectory v8.8.6.x antes de v8.8.6.7 y v8.8.7.x antes de v8.8.7.2 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://www.novell.com/support/kb/doc.php?id=3426981 http://www.novell.com/support/kb/doc.php?id=7011539 http://www.securitytracker.com/id?1027911 https://bugzilla.novell.com/show_bug.cgi?id=772899 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •