Dynamics Gp
by Microsoft
CVEs (4)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2010-2011 | 0.02 | — | 0.25 | May 21, 2010 | Microsoft Dynamics GP uses a substitution cipher to encrypt the system password field and unspecified other fields, which makes it easier for remote authenticated users to obtain sensitive information by decrypting a field's contents. | ||
| CVE-2006-5266 | 0.02 | — | 0.29 | Dec 31, 2006 | Multiple buffer overflows in Microsoft Dynamics GP (formerly Great Plains) 9.0 and earlier allow remote attackers to execute arbitrary code via (1) a crafted Distributed Process Manager (DPM) message to the (a) DPM component, or a (2) long string or (3) long IP address in a Distributed Process Server (DPS) message to the DPM or (b) DPS component. | ||
| CVE-2010-2083 | 0.01 | — | 0.07 | May 26, 2010 | Microsoft Dynamics GP has a default value of ACCESS for the system password, which might make it easier for remote authenticated users to bypass intended access restrictions via unspecified vectors. | ||
| CVE-2006-5265 | 0.01 | — | 0.15 | Dec 31, 2006 | Unspecified vulnerability in Microsoft Dynamics GP (formerly Great Plains) 9.0 and earlier allows remote attackers to cause a denial of service (crash) via an invalid magic number in a Distributed Process Server (DPS) message. |
- CVE-2010-2011May 21, 2010risk 0.02cvss —epss 0.25
Microsoft Dynamics GP uses a substitution cipher to encrypt the system password field and unspecified other fields, which makes it easier for remote authenticated users to obtain sensitive information by decrypting a field's contents.
- CVE-2006-5266Dec 31, 2006risk 0.02cvss —epss 0.29
Multiple buffer overflows in Microsoft Dynamics GP (formerly Great Plains) 9.0 and earlier allow remote attackers to execute arbitrary code via (1) a crafted Distributed Process Manager (DPM) message to the (a) DPM component, or a (2) long string or (3) long IP address in a Distributed Process Server (DPS) message to the DPM or (b) DPS component.
- CVE-2010-2083May 26, 2010risk 0.01cvss —epss 0.07
Microsoft Dynamics GP has a default value of ACCESS for the system password, which might make it easier for remote authenticated users to bypass intended access restrictions via unspecified vectors.
- CVE-2006-5265Dec 31, 2006risk 0.01cvss —epss 0.15
Unspecified vulnerability in Microsoft Dynamics GP (formerly Great Plains) 9.0 and earlier allows remote attackers to cause a denial of service (crash) via an invalid magic number in a Distributed Process Server (DPS) message.