|
258591
|
- |
|
trend_micro
|
client-server-messaging_security
officescan_corporate_edition
|
Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-0325
|
2011-03-8 11:49 |
2007-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258592
|
- |
|
trend_micro
|
client-server-messaging_security
officescan_corporate_edition
|
Successful exploitation requires that OfficeScan client was installed using web deployment.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-0325
|
2011-03-8 11:49 |
2007-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258593
|
- |
|
trend_micro
|
client-server-messaging_security
officescan_corporate_edition
|
The vendor has issued a fix (7.0 Security Patch - Build 1344; 7.3 Security Patch - Build 1241).
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-0325
|
2011-03-8 11:49 |
2007-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258594
|
- |
|
bea
|
weblogic_server
|
BEA Weblogic Server 8.1 through 8.1 SP4 does not properly validate client certificates when reusing cached connections, which allows remote attackers to obtain access via an untrusted X.509 certifica…
|
NVD-CWE-Other
|
CVE-2007-0408
|
2011-03-8 11:49 |
2007-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258595
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic 7.0 through 7.0 SP6, 8.1 through 8.1 SP4, and 9.0 initial release does not encrypt passwords stored in the JDBCDataSourceFactory MBean Properties, which allows local administrative users…
|
NVD-CWE-Other
|
CVE-2007-0409
|
2011-03-8 11:49 |
2007-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258596
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server 8.1 through 8.1 SP5, 9.0, 9.1, and 9.2 Gold, when WS-Security is used, does not properly validate certificates, which allows remote attackers to conduct a man-in-the-middle (MITM)…
|
NVD-CWE-Other
|
CVE-2007-0411
|
2011-03-8 11:49 |
2007-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258597
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server 8.1 through 8.1 SP5 stores cleartext data in a backup of config.xml after offline editing, which allows local users to obtain sensitive information by reading this backup file.
|
NVD-CWE-Other
|
CVE-2007-0413
|
2011-03-8 11:49 |
2007-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258598
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server 6.1 through 6.1 SP7, 7.0 through 7.0 SP6, 8.1 through 8.1 SP5, and 9.0 allows remote attackers to cause a denial of service (server hang) via certain requests that cause muxer thr…
|
NVD-CWE-Other
|
CVE-2007-0414
|
2011-03-8 11:49 |
2007-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258599
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server 8.1 through 8.1 SP5 does not properly enforce access control after a dynamic update and dynamic redeployment of an application that is implemented through exploded jars, which all…
|
NVD-CWE-Other
|
CVE-2007-0415
|
2011-03-8 11:49 |
2007-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258600
|
- |
|
bea
|
weblogic_server
|
The WSEE runtime (WS-Security runtime) in BEA WebLogic Server 9.0 and 9.1 does not verify credentials when decrypting client messages, which allows remote attackers to bypass application security.
|
NVD-CWE-Other
|
CVE-2007-0416
|
2011-03-8 11:49 |
2007-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
