CVE-2009-2454
https://notcve.org/view.php?id=CVE-2009-2454
Cross-site scripting (XSS) vulnerability in Citrix Web Interface 4.6, 5.0, and 5.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References:
• http://secunia.com/advisories/34868
• http://support.citrix.com/article/CTX120697
• http://www.securityfocus.com/bid/34761
Weakness: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2009-2213
https://notcve.org/view.php?id=CVE-2009-2213
The default configuration of the Security global settings on the Citrix NetScaler Access Gateway appliance with Enterprise Edition firmware 9.0, 8.1, and earlier specifies Allow for the Default Authorization Action option, which might allow remote authenticated users to bypass intended access restrictions.
References:
• http://support.citrix.com/article/CTX118770
• http://www.securityfocus.com/bid/35422
• http://www.vupen.com/english/advisories/2009/1641
• https://exchange.xforce.ibmcloud.com/vulnerabilities/51274
Weakness: CWE-863: Incorrect Authorization
CVE-2009-2214
https://notcve.org/view.php?id=CVE-2009-2214
The Secure Gateway service in Citrix Secure Gateway 3.1 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an unspecified request.
References:
• http://secunia.com/advisories/35503
• http://support.citrix.com/article/CTX121172
• http://www.securityfocus.com/bid/35421
• http://www.securitytracker.com/id?1022420
• http://www.vupen.com/english/advisories/2009/1633
• https://exchange.xforce.ibmcloud.com/vulnerabilities/51216
Weakness: CWE-399: Resource Management Errors
CVE-2008-6830
https://notcve.org/view.php?id=CVE-2008-6830
The disconnection feature in Citrix Web Interface 5.0 and 5.0.1 for Java Application Servers does not properly terminate a user's web interface session, which allows attackers with access to the same browser instance to gain access to the user's Web Interface session. NOTE: the attacker must also have valid credentials to the Web Interface.
References:
• http://osvdb.org/49387
• http://secunia.com/advisories/32444
• http://support.citrix.com/article/CTX118768
• http://www.securityfocus.com/bid/31943
• http://www.securitytracker.com/id?1021110
• http://www.vupen.com/english/advisories/2008/2946
• https://exchange.xforce.ibmcloud.com/vulnerabilities/46135
CVE-2008-6561
https://notcve.org/view.php?id=CVE-2008-6561
Citrix Presentation Server Client for Windows before 10.200 does not clear "credential information" from process memory in unspecified circumstances, which might allow local users to gain privileges.
References:
• http://support.citrix.com/article/CTX116227
• http://www.securitytracker.com/id?1019605
• http://www.vupen.com/english/advisories/2008/0845
• https://exchange.xforce.ibmcloud.com/vulnerabilities/41102
Weakness: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor