VYPR

Injoin Directory Server

by Critical Path

CVEs (4)

  • CVE-2002-0787Aug 12, 2002
    risk 0.03cvss epss 0.03

    Cross-site scripting vulnerabilities in iCon administrative web server for Critical Path inJoin Directory Server 4.0 allow remote attackers to execute script as the administrator via administrator URLs with modified (1) LOCID or (2) OC parameters.

  • CVE-2002-0786Aug 12, 2002
    risk 0.03cvss epss 0.03

    iCon administrative web server for Critical Path inJoin Directory Server 4.0 allows authenticated inJoin administrators to read arbitrary files by specifying the target file in the LOG parameter.

  • CVE-2001-1315Jul 16, 2001
    risk 0.00cvss epss 0.04

    Critical Path (1) InJoin Directory Server or (2) LiveContent Directory allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed BER encodings, as demonstrated by the PROTOS LDAPv3 test suite.

  • CVE-2001-1314Jul 16, 2001
    risk 0.00cvss epss 0.05

    Buffer overflows in Critical Path (1) InJoin Directory Server or (2) LiveContent Directory allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.