1 results (0.010 seconds)
CVSS: 8.8EPSS: 1%CPEs: 18EXPL: 0
CVSS: 8.8EPSS: 1%CPEs: 18EXPL: 0CVE-2012-5003
https://notcve.org/view.php?id=CVE-2012-5003
19 Sep 2012 — nxapplet.jar in No Machine NX Web Companion 3.x and earlier does not properly verify the authenticity of updates, which allows user-assisted remote attackers to execute arbitrary code via a crafted (1) SiteUrl or (2) RedirectUrl parameter that points to a Trojan Horse client.zip update file. nxapplet.jar en No Machine NX Web Companion 3.x y anteriores no verifican de forma adecuada la autenticidad de actualizaciones, o que permite a atacantes remotos asistidos por usuarios locales a ejecutar código mediante... • http://archives.neohapsis.com/archives/bugtraq/2012-01/0161.html • CWE-287: Improper Authentication •