Reported By

Survey: "MIME/Content-Type-Sniffing" Issues in Image Uploads in Forum Scripts

Advisory: “Cross-Site Scripting” in Avatar uploads in fluxBB

Application: fluxBB
Vulnerable Versions: 1.3-legacy and older 1.3 versions.
Reported By: Jacques Copeau

Note
***********
This advisory is part of a survey about vulnerable file uploads in forum
software. The survey will be published after all vendors have fixed their

CA ARCserve Backup Discovery Service Denial of Service Vulnerability

CA Advisory Date: 2008-06-17


Reported By: Luigi Auriemma


Impact: A remote attacker can cause a denial of service.



[CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities

CA Vuln ID (CAID): 35673, 35674, 35675, 35676, 35677

CA Advisory Date: 2007-09-20

Reported By: Sean Larsson (VeriSign iDefense Labs)
             anonymous researcher working with the iDefense VCP
             eEye Digital Security


Impact: A remote attacker can execute arbitrary code or cause a 

CA20090126-01: CA Anti-Virus Engine Detection Evasion Multiple Vulnerabilities [Updated]

CA Advisory Date: 2009-01-26
CA Advisory Updated: May 12, 2009


Reported By:
Thierry Zoller and Sergio Alvarez of n.runs AG


Impact: A remote attacker can evade detection.


CA Multiple Products DSM ListCtrl ActiveX Control Buffer Overflow Vulnerability

CVE: CVE-2008-1472

CA Advisory Date: 2008-03-28

Reported By: Exploit code posted at milw0rm.com

Impact: A remote attacker can cause a denial of service or execute 
arbitrary code.

Summary: CA products that implement the DSM ListCtrl ActiveX 

CA Secure Content Manager HTTP Gateway Service FTP Request Vulnerabilities

CA Advisory Date: 2008-06-03


Reported By: Sebastian Apelt working with ZDI/TippingPoint
             Cody Pierce, TippingPoint DVLabs


Impact: A remote attacker can cause a denial of service or execute 
arbitrary code.

CA20090615-01: CA ARCserve Backup Message Engine Denial of Service Vulnerabilities

CA Advisory Date: 2009-06-15


Reported By: iViZ Security Research Team


Impact: A remote attacker can cause a denial of service.



[CAID 35754]: CA Host-Based Intrusion Prevention System (CA HIPS) Server Vulnerability

CA Vuln ID (CAID): 35754

CA Advisory Date: 2007-10-18

Reported By: David Maciejak

Impact: A remote attacker can take unauthorized administrative 
action.

Summary: CA Host-Based Intrusion Prevention System (CA HIPS) 

CA Service Desk Multiple Cross-Site Scripting Vulnerabilities

CA Advisory Date: 2008-09-24


Reported By:
Open Security Foundation


Impact: A remote attacker can conduct cross-site scripting attacks.


CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)

CA Advisory Date: 2009-01-23


Reported By: n/a


Impact: Refer to the CVE identifiers for details.



[CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities

CA Vuln ID (CAID): 35690, 35691, 35692

CA Advisory Date: 2007-09-26

Reported By: Sean Larsson, iDefense Labs
             anonymous researcher working with the iDefense VCP
             Aaron Portnoy of DV Labs (dvlabs.tippingpoint.com)

Impact: A remote attacker can execute arbitrary code or cause a 
denial of service condition.

[CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities

CA Vuln ID (CAID): 35724, 35725, 35726

CA Advisory Date: 2007-10-10

Reported By: 
Anonymous researcher working with the iDefense VCP (CVE-2007-5325)
Dyon Balding of Secunia Research (CVE-2007-5326)
Cocoruder of Fortinet Security Research Team (CVE-2007-5327)
Tenable Network Security (CVE-2007-5328)
Pedram Amini of DV Labs (dvlabs.tippingpoint.com) (CVE-2007-5329)

CA DSM gui_cm_ctrls ActiveX Control Vulnerability

CA Advisory Date: 2008-04-15


Reported By: Greg Linares of eEye Digital Security


Impact: A remote attacker can execute arbitrary code or cause a 
denial of service condition.


CA ARCserve Backup Multiple Vulnerabilities

CA Advisory Date: 2008-10-09


Reported By:
Haifei Li of Fortinet's FortiGuard Global Security Research Team
Vulnerability Research Team of Assurent Secure Technologies, a 
   TELUS Company
Greg Linares of eEye Digital Security


CA20090107-01: CA Service Metric Analysis and CA Service Level Management smmsnmpd Arbitrary Command Execution Vulnerability

CA Advisory Date: 2009-01-07


Reported By:
Michel Arboi of Tenable Network Security


Impact: A remote attacker can execute arbitrary commands.


CA20090429-01: CA ARCserve Backup Apache HTTP Server Multiple Vulnerabilities

CA Advisory Date: 2009-04-29


Reported By:
Apache Software Foundation
David Endler of iDefense
Ulf Harnhammar for SITIC, Swedish IT Incident Centre



CA ARCserve Backup caloggerd and xdr Functions Vulnerabilities

CA Advisory Date: 2008-05-19


Reported By: An anonymous researcher working with the iDefense VCP
             Damian Put working with ZDI/TippingPoint


Impact: A remote attacker can cause a denial of service or execute 
arbitrary code.

CA ARCserve Backup for Laptops and Desktops Server and CA Desktop Management Suite Multiple Vulnerabilities

Title: CA ARCserve Backup for Laptops and Desktops Server and CA 
Desktop Management Suite Multiple Vulnerabilities

CA Advisory Date: 2008-04-03

Reported By: Dyon Balding of Secunia Research

Impact: A remote attacker can execute arbitrary code or cause a 
denial of service condition.

Summary: CA ARCserve Backup for Laptops and Desktops Server 

CA20090126-01: CA Anti-Virus Engine Detection Evasion Multiple Vulnerabilities

CA Advisory Date: 2009-01-26


Reported By:
Thierry Zoller and Sergio Alvarez of n.runs AG


Impact: A remote attacker can evade detection.


CA ARCserve Backup for Laptops and Desktops Server LGServer Service Vulnerability

CA Advisory Date: 2008-07-31


Reported By: Vulnerability Research Team of Assurent Secure 
Technologies, a TELUS Company


Impact: A remote attacker can execute arbitrary code or cause a 
denial of service condition. 

[CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities

CA Vuln ID (CAID): 35724, 35725, 35726

CA Advisory Date: 2007-10-10
CA Advisory Updated: 2007-12-05

Reported By: 
Anonymous researcher working with the iDefense VCP (CVE-2007-5325)
Dyon Balding of Secunia Research (CVE-2007-5326)
Cocoruder of Fortinet Security Research Team (CVE-2007-5327)
Tenable Network Security (CVE-2007-5328)
Pedram Amini of DV Labs (dvlabs.tippingpoint.com) (CVE-2007-5329)

[CAID 35970]: CA Products That Embed Ingres Authentication Vulnerability

CA Vuln ID (CAID): 35970

CA Advisory Date: 2007-12-19

Reported By: Ingres Corporation

Impact: Attacker can gain elevated privileges.

Summary: A potential vulnerability exists in the Ingres software 
that is embedded in various CA products. This vulnerability exists 

CA Alert Notification Server Multiple Vulnerabilities

Title: CA Alert Notification Server Multiple Vulnerabilities

CA Advisory Date: 2008-04-03

Reported By: An anonymous researcher working with the iDefense VCP

Impact: A remote authenticated attacker can execute arbitrary code 
or cause a denial of service condition.

Summary: CA Alert Notification Server service contains multiple 

CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities

CA Advisory Date: 2009-01-23


Reported By: n/a


Impact: A remote attacker can execute arbitrary commands.



CA Products That Embed Ingres Multiple Vulnerabilities

CA Advisory Date: 2008-08-01


Reported By: iDefense Labs


Impact: A remote attacker can execute arbitrary code, gain 
privileges, or cause a denial of service condition. 


CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities

CA Advisory Date: 2008-08-11


Reported By:
CVE-2008-2926 - Tobias Klein
CVE-2008-3174 - Elazar Broad


Impact: A remote attacker can cause a denial of service or 

CA ARCserve Backup LDBserver Vulnerability

CA Advisory Date: 2008-12-10


Reported By:
Dyon Balding of Secunia Research


Impact: A remote attacker can cause a denial of service or execute 
arbitrary code.

CA20090615-01: CA ARCserve Backup Message Engine Denial of Service Vulnerabilities (Updated)

CA Advisory Date: 2009-06-15


Reported By: iViZ Security Research Team


Impact: A remote attacker can cause a denial of service.



AST-2008-006 - 3-way handshake in IAX2 incomplete

   |--------------------+---------------------------------------------------|
   |   Exploits Known   | Yes                                               |
   |--------------------+---------------------------------------------------|
   |    Reported On     | April 18, 2008                                    |
   |--------------------+---------------------------------------------------|
   |    Reported By     | Joel R. Voss aka. Javantea < jvoss AT altsci DOT  |
   |                    | com >                                             |
   |--------------------+---------------------------------------------------|
   |     Posted On      | April 22, 2008                                    |
   |--------------------+---------------------------------------------------|
   |  Last Updated On   | April 22, 2008                                    |

AST-2008-004: Format String Vulnerability in Logger and Manager

   |--------------------+---------------------------------------------------|
   |   Exploits Known   | No                                                |
   |--------------------+---------------------------------------------------|
   |    Reported On     | March 13, 2008                                    |
   |--------------------+---------------------------------------------------|
   |    Reported By     | Steve Davies (bugs.digium.com user stevedavies)   |
   |                    |                                                   |
   |                    | Brandon Kruse (bugs.digium.com user bkruse)       |
   |--------------------+---------------------------------------------------|
   |     Posted On      | March 18, 2008                                    |
   |--------------------+---------------------------------------------------|
