2 results (0.001 seconds)

CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0

Multiple cross-site request forgery (CSRF) vulnerabilities on the Blue Coat ProxyAV appliance before 3.2.6.1 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password, (2) modify a policy, or (3) restart the device. Múltiples vulnerabilidades de solicitudes falsificadas en sitios cruzados (CSRF) en Blue Coat ProxyAV appliance anterior a v3.2.6.1 permite a atacantes remotos secuestrar la autenticación de los administradores para solicitudes de (1) cambio de contraseña, (2) modificación de una política, o (3) reinicio del dispositivo. • https://kb.bluecoat.com/index?page=content&id=SA46 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 7.5EPSS: 57%CPEs: 20EXPL: 3

Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header. • https://www.exploit-db.com/exploits/1408 https://www.exploit-db.com/exploits/16691 http://secunia.com/advisories/18288 http://secunia.com/advisories/18909 http://securitytracker.com/id?1015441 http://www.bluecoat.com/support/knowledge/advisory_host_header_stack_overflow.html http://www.idefense.com/intelligence/vulnerabilities/display.php?id=364 http://www.securityfocus.com/bid/16147 http://www.vupen.com/english/advisories/2006/0065 http://www.vupen.com/english/advisories/2006/0622 •