2 results (0.007 seconds)

CVSS: 7.8EPSS: 0%CPEs: 138EXPL: 0

Pulse Secure Desktop before 5.2R2 and Pulse Secure Installer Service before 8.2R2 and below for Windows allow restricted users to gain privileges via unspecified vectors. Pulse Secure Desktop anterior a la versión 5.2R2 y Pulse Secure Installer Service anterior a versión 8.2R2 y anteriores para Windows permiten a los usuarios restringidos obtener privilegios a través de vectores no especificados • http://www.securityfocus.com/bid/92692 http://www.securitytracker.com/id/1036474 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40241 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 4%CPEs: 1EXPL: 0

Stack-based buffer overflow in dsInstallerService.dll in the Juniper Installer Service, as used in Juniper Odyssey Access Client 4.72.11421.0 and other products, allows remote attackers to execute arbitrary code via a long string in a malformed DSSETUPSERVICE_CMD_UNINSTALL command to the NeoterisSetupService named pipe. Desbordamiento de búfer basado en pila en dsInstallerService.dll de Juniper Installer Service, tal como es utilizado en Juniper Odyssey Access Client v4.72.11421.0 y otros productos, permite a atacantes remotos ejecutar código de su elección a través de una cadena de texto larga en un comando DSSETUPSERVICE_CMD_UNINSTALL mal formado a la tubería con nombre NeoterisSetupService. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=850 https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2009-10-540&viewMode=view • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •