queues software vulnerabilities
vulnerabilities.aspcode.net
Searching queues software vulnerabilities
A bug in the HTML parser in a certain Microsoft
MailEssentials
|
MailSecurity
|
Microsoft
|
attackers
|
reported
|
products
|
Exchange
|
strings
|
service
|
library
|
various
|
certain
|
denial
|
queues
|
remain
|
parser
|
causes
|
emails
|
remote
|
which
|
allow
|
party
|
third
|
cause
|
used
|
HTML
|
mail
|
may
|
bug
|
IIS
|
via
|
GFI
|
A bug in the HTML parser in a certain Microsoft HTML library, as used in various third party products, may allow remote attackers to cause a denial of service via certain strings, as reported in GFI MailEssentials for Exchange 9 and 10, and GFI MailSecurity for Exchange 8, which causes emails to remain in IIS or Exchange mail queues.
Multiple SQL injection vulnerabilities in Cerbe
vulnerabilities
|
injection
|
attackers
|
arbitrary
|
Helpdesk
|
Multiple
|
commands
|
Cerberus
|
execute
|
remote
|
allow
|
via
|
SQL
|
Multiple SQL injection vulnerabilities in Cerberus Helpdesk allow remote attackers to execute arbitrary SQL commands via the (1) file_id parameter to attachment_send.php, (2) the $addy variable in email_parser.php, (3) $address variable in email_parser.php, (4) $a_address variable in structs.php, (5) kbid parameter to cer_KnowledgebaseHandler.class.php, (6) queues[] parameter to addresses_export.php, (7) $thread variable to display.php, (8) ticket parameter to display_ticket_thread.php.
Multiple SQL injection vulnerabilities in Oracl
vulnerabilities
|
injection
|
Multiple
|
Release
|
before
|
Oracle
|
CPU
|
Jan
|
10g
|
SQL
|
Multiple SQL injection vulnerabilities in Oracle 10g Release 1 before CPU Jan 2006 allow remote attackers to execute arbitary SQL commands via multiple parameters in (1) ATTACH_JOB, (2) HAS_PRIVS, and (3) OPEN_JOB functions in the SYS.KUPV$FT package; and (4) UPDATE_JOB, (5) ACTIVE_JOB, (6) ATTACH_POSSIBLE, (7) ATTACH_TO_JOB, (8) CREATE_NEW_JOB, (9) DELETE_JOB, (10) DELETE_MASTER_TABLE, (11) DETACH_JOB, (12) GET_JOB_INFO, (13) GET_JOB_QUEUES, (14) GET_SOLE_JOBNAME, (15) MASTER_TBL_LOCK, and (16) VALID_HANDLE functions in the SYS.KUPV$FT_INT package. NOTE: due to the lack of relevant details from the Oracle advisory, a separate CVE is being created since it cannot be conclusively proven that these issues has been addressed by Oracle. It is unclear which, if any, Oracle Vuln# identifiers apply to these issues.
The JMS Server in BEA WebLogic Server 6.1 throu
protected
|
attackers
|
security
|
enforces
|
policies
|
requests
|
back-end
|
WebLogic
|
through
|
remote
|
allows
|
direct
|
queues
|
Server
|
access
|
front
|
which
|
SP6
|
SP5
|
JMS
|
via
|
end
|
BEA
|
SP7
|
The JMS Server in BEA WebLogic Server 6.1 through SP7, 7.0 through SP6, and 8.1 through SP5 enforces security access policies on the front end, which allows remote attackers to access protected queues via direct requests to the JMS back-end server.
Software vulnerabilities results 1 to 5 of 5
Page:
1