CVSS: 5.0EPSS: 14%CPEs: 1EXPL: 1CVE-2007-2964 – F-Secure Policy Manager 7.00 - 'FSMSH.dll' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-2964
The fsmsh.dll host module in F-Secure Policy Manager Server 7.00 and earlier allows remote attackers to cause a denial of service (application crash) via NTFS reserved words in filenames in URLs. El módulo del host fsmsh.dll en el F-Secure Policy Manager Server 7.00 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de palabras reservadas NTFS en nombres de archivos en las URLs. • https://www.exploit-db.com/exploits/30104 http://osvdb.org/36723 http://secunia.com/advisories/25449 http://www.f-secure.com/security/fsc-2007-4.shtml http://www.securityfocus.com/bid/24233 http://www.securitytracker.com/id?1018149 http://www.vupen.com/english/advisories/2007/1986 https://exchange.xforce.ibmcloud.com/vulnerabilities/34584 •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 2CVE-2004-1223 – F-Secure Policy Manager 5.11 - 'FSMSH.dll' CGI Application Installation Full Path Disclosure
https://notcve.org/view.php?id=CVE-2004-1223
The Management Agent in F-Secure Policy Manager 5.11.2810 allows remote attackers to gain sensitive information, such as the absolute path for the web server, via an HTTP request to fsmsh.dll without any parameters. • https://www.exploit-db.com/exploits/24811 http://marc.info/?l=bugtraq&m=110262921306862&w=2 http://www.oliverkarow.de/research/f-secure.txt http://www.securityfocus.com/bid/11869 https://exchange.xforce.ibmcloud.com/vulnerabilities/18413 •