Vendor CVEs
Microfocus
All CVEs
2,285 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-3574 | 0.03 | — | 0.05 | Jun 14, 2013 | Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full pathname in the argument to the devicePath (aka mount) parameter. | |||
| CVE-2013-2324 | 0.03 | — | 0.39 | Jun 6, 2013 | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1629. | |||
| CVE-2011-5184 | 0.03 | — | 0.03 | Sep 20, 2012 | Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote attackers to inject arbitrary web script or HTML via the (1) node parameter to nnm/mibdiscover; (2) nodename parameter to nnm/protected/configurationpoll.jsp, (3)… | |||
| CVE-2012-4362 | 0.03 | — | 0.03 | Aug 20, 2012 | hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management service via a login: request to TCP port 13838. | |||
| CVE-2012-2986 | 0.03 | — | 0.04 | Aug 20, 2012 | lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) first, (2) third, or (3) fourth parameter. NOTE: this vulnerability exists because of an incomplete fix… | |||
| CVE-2011-4834 | 0.03 | — | 0.01 | Dec 15, 2011 | The GetInstalledPackages function in the configuration tool in HP Application Lifestyle Management (ALM) 11 on AIX, HP-UX, and Solaris allows local users to gain privileges via (1) a Trojan horse /tmp/tmp.txt FIFO or (2) a symlink attack on /tmp/tmp.txt. | |||
| CVE-2009-5098 | 0.03 | — | 0.04 | Sep 13, 2011 | The LunaSysMgr process in Palm Pre WebOS 1.1 and earlier, when not viewing web pages in landscape mode, allows remote attackers to cause a denial of service (crash) via a web page containing a long string following a refresh tag, which triggers a floating point exception. | |||
| CVE-2011-2403 | 0.03 | — | 0.02 | Aug 1, 2011 | SQL injection vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | |||
| CVE-2010-4111 | 0.03 | — | 0.02 | Dec 22, 2010 | Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2010-3003 | 0.03 | — | 0.04 | Sep 10, 2010 | Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.0-11 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2010-3007 | 0.03 | — | 0.05 | Sep 9, 2010 | Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition (SSE), 3.x before build 56936 and 4.x before build 56906 allows local users to gain privileges or cause a denial of service via unknown vectors. | |||
| CVE-2009-2684 | 0.03 | — | 0.02 | Oct 13, 2009 | Multiple cross-site scripting (XSS) vulnerabilities in Jetdirect and the Embedded Web Server (EWS) on certain HP LaserJet and Color LaserJet printers, and HP Digital Senders, allow remote attackers to inject arbitrary web script or HTML via the (1) Product_URL or (2) Tech_URL… | |||
| CVE-2009-1422 | 0.03 | — | 0.05 | Jul 14, 2009 | Unspecified vulnerability in HP ProCurve Threat Management Services zl Module (J9155A) ST.1.0.090213 and earlier allows remote attackers to gain privileges via unknown vectors, aka PR_41209. | |||
| CVE-2008-0952 | 0.03 | — | 0.06 | Jun 4, 2008 | The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to create files with arbitrary content via a full pathname in the first argument and the content in the second… | |||
| CVE-2008-0068 | 0.03 | — | 0.05 | Apr 16, 2008 | Directory traversal vulnerability in OpenView5.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to read arbitrary files via directory traversal sequences in the Action parameter. | |||
| CVE-2007-6513 | 0.03 | — | 0.02 | Dec 21, 2007 | HP eSupportDiagnostics ActiveX control (hpediag.dll) 1.0.11.0 exports dangerous methods, which allows remote attackers to (1) read arbitrary files via the ReadTextFile method, or (2) read arbitrary registry values via the ReadValue method. | |||
| CVE-2007-3649 | 0.03 | — | 0.05 | Jul 10, 2007 | Absolute path traversal vulnerability in a certain ActiveX control in hpqvwocx.dll 2.1.0.556 in Hewlett-Packard (HP) Digital Imaging allows remote attackers to create or overwrite arbitrary files via the second argument to the SaveToFile method. | |||
| CVE-2007-2656 | 0.03 | — | 0.04 | May 14, 2007 | Stack-based buffer overflow in the Hewlett-Packard (HP) Magview ActiveX control in hpqvwocx.dll 1.0.0.309 allows remote attackers to cause a denial of service (application crash) and possibly have other impact via a long argument to the DeleteProfile method. | |||
| CVE-2007-2553 | 0.03 | — | 0.01 | May 9, 2007 | Unspecified vulnerability in dop in HP Tru64 UNIX 5.1B-4, 5.1B-3, and 5.1A PK6 allows local users to gain privileges via a large amount of data in the environment, as demonstrated by a long environment variable. | |||
| CVE-2007-1882 | 0.03 | — | 0.06 | Apr 6, 2007 | qcbin/servlet/tdservlet/TDAPI_GeneralWebTreatment in HP Mercury Quality Center 9.0 build 9.1.0.4352 allows remote authenticated users to execute arbitrary SQL commands via the RunQuery method. | |||
| CVE-2007-1772 | 0.03 | — | 0.03 | Mar 30, 2007 | The FTP service in HP JetDirect print servers allows remote attackers to cause a denial of service (engine crash) via a RETR command with a long pathname. | |||
| CVE-2007-0805 | 0.03 | — | 0.01 | Feb 7, 2007 | The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the "auxewww" argument, a similar issue to CVE-1999-1587. | |||
| CVE-2007-0161 | 0.03 | — | 0.01 | Jan 10, 2007 | The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument,… | |||
| CVE-2006-5557 | 0.03 | — | 0.01 | Oct 27, 2006 | Stack-based buffer overflow in the (1) swpackage and (2) swmodify commands in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long -S argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to… | |||
| CVE-2006-5556 | 0.03 | — | 0.01 | Oct 27, 2006 | Buffer overflow in the localtime_r function, and certain other functions, in libc in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long TZ environment variable. | |||
| CVE-2006-1654 | 0.03 | — | 0.05 | Apr 6, 2006 | Directory traversal vulnerability in the HP Color LaserJet 2500 Toolbox and Color LaserJet 4600 Toolbox on Microsoft Windows before 20060402 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request to TCP port 5225. | |||
| CVE-2005-1370 | 0.03 | — | 0.06 | May 3, 2005 | Unknown vulnerability in Radia Management Agent (RMA) in HP OpenView Radia Management Portal (RMP) 1.x and 2.x allows remote attackers to execute arbitrary commands via unknown vectors. | |||
| CVE-2004-2748 | 0.03 | — | 0.05 | Dec 31, 2004 | viewreport.pl in NetIQ WebTrends Reporting Center Enterprise Edition 6.1a allows remote attackers to determine the installation path via an invalid profileid parameter, which leaks the pathname in an error message. | |||
| CVE-2004-0492 | 0.03 | — | 0.34 | Aug 6, 2004 | Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be… | |||
| CVE-2003-1358 | 0.03 | — | 0.01 | Dec 31, 2003 | rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program. | |||
| CVE-2003-1097 | 0.03 | — | 0.04 | Dec 31, 2003 | Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local users to gain privileges via a long -l option. | |||
| CVE-2003-1375 | 0.03 | — | 0.02 | Dec 31, 2003 | Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument. | |||
| CVE-2003-1359 | 0.03 | — | 0.01 | Dec 31, 2003 | Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument. | |||
| CVE-2003-1461 | 0.03 | — | 0.02 | Dec 31, 2003 | Buffer overflow in rwrite for HP-UX 11.0 could allow local users to execute arbitrary code via a long argument. NOTE: the vendor was unable to reproduce the problem on a system that had been patched for an lp vulnerability (CVE-2002-1473). | |||
| CVE-2003-0089 | 0.03 | — | 0.01 | Dec 15, 2003 | Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) swinstall and (2) swmodify. | |||
| CVE-2003-0840 | 0.03 | — | 0.01 | Nov 17, 2003 | Buffer overflow in dtprintinfo on HP-UX 11.00, and possibly other operating systems, allows local users to gain root privileges via a long DISPLAY environment variable. | |||
| CVE-2002-1473 | 0.03 | — | 0.04 | Apr 22, 2003 | Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code. | |||
| CVE-2002-1513 | 0.03 | — | 0.01 | Apr 2, 2003 | The UCX POP server in HP TCP/IP services for OpenVMS 4.2 through 5.3 allows local users to truncate arbitrary files via the -logfile command line option, which overrides file system permissions because the server runs with the SYSPRV and BYPASS privileges. | |||
| CVE-2002-0370 | 0.03 | — | 0.43 | Oct 10, 2002 | Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME,… | |||
| CVE-2002-0991 | 0.03 | — | 0.02 | Oct 4, 2002 | Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S, (5) -N, or (6) -u parameters. | |||
| CVE-2002-1614 | 0.03 | — | 0.02 | Sep 9, 2002 | Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at. | |||
| CVE-2002-1616 | 0.03 | — | 0.04 | Aug 1, 2002 | Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain root privileges via (1) su, (2) chsh, (3) passwd, (4) chfn, (5) dxchpwd, and (6) libc. | |||
| CVE-2002-0250 | 0.03 | — | 0.04 | May 29, 2002 | Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier, allows unauthorized users to bypass authentication via a direct HTTP request to the web_access.html file, which allows the user to change the switch's configuration… | |||
| CVE-2001-0979 | 0.03 | — | 0.02 | Sep 3, 2001 | Buffer overflow in swverify in HP-UX 11.0, and possibly other programs, allows local users to gain privileges via a long command line argument. | |||
| CVE-2001-0208 | 0.03 | — | 0.01 | Jun 2, 2001 | MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the mfaslmf directory and the nolicense file with insecure permissions, which allows local users to gain privileges by modifying files. | |||
| CVE-2000-1134 | 0.03 | — | 0.01 | Jan 9, 2001 | Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack. | |||
| CVE-2000-1127 | 0.03 | — | 0.01 | Jan 9, 2001 | registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to which registrar appends log information and sets the permissions to be world… | |||
| CVE-2000-1028 | 0.03 | — | 0.01 | Dec 11, 2000 | Buffer overflow in cu program in HP-UX 11.0 may allow local users to gain privileges via a long -l command line argument. | |||
| CVE-2000-0702 | 0.03 | — | 0.01 | Oct 20, 2000 | The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file. | |||
| CVE-2000-0636 | 0.03 | — | 0.04 | Jul 19, 2000 | HP JetDirect printers versions G.08.20 and H.08.20 and earlier allow remote attackers to cause a denial of service via a malformed FTP quote command. |
- CVE-2013-3574Jun 14, 2013risk 0.03cvss —epss 0.05
Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full pathname in the argument to the devicePath (aka mount) parameter.
- CVE-2013-2324Jun 6, 2013risk 0.03cvss —epss 0.39
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1629.
- CVE-2011-5184Sep 20, 2012risk 0.03cvss —epss 0.03
Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote attackers to inject arbitrary web script or HTML via the (1) node parameter to nnm/mibdiscover; (2) nodename parameter to nnm/protected/configurationpoll.jsp, (3)…
- CVE-2012-4362Aug 20, 2012risk 0.03cvss —epss 0.03
hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management service via a login: request to TCP port 13838.
- CVE-2012-2986Aug 20, 2012risk 0.03cvss —epss 0.04
lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) first, (2) third, or (3) fourth parameter. NOTE: this vulnerability exists because of an incomplete fix…
- CVE-2011-4834Dec 15, 2011risk 0.03cvss —epss 0.01
The GetInstalledPackages function in the configuration tool in HP Application Lifestyle Management (ALM) 11 on AIX, HP-UX, and Solaris allows local users to gain privileges via (1) a Trojan horse /tmp/tmp.txt FIFO or (2) a symlink attack on /tmp/tmp.txt.
- CVE-2009-5098Sep 13, 2011risk 0.03cvss —epss 0.04
The LunaSysMgr process in Palm Pre WebOS 1.1 and earlier, when not viewing web pages in landscape mode, allows remote attackers to cause a denial of service (crash) via a web page containing a long string following a refresh tag, which triggers a floating point exception.
- CVE-2011-2403Aug 1, 2011risk 0.03cvss —epss 0.02
SQL injection vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
- CVE-2010-4111Dec 22, 2010risk 0.03cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- CVE-2010-3003Sep 10, 2010risk 0.03cvss —epss 0.04
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.0-11 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- CVE-2010-3007Sep 9, 2010risk 0.03cvss —epss 0.05
Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition (SSE), 3.x before build 56936 and 4.x before build 56906 allows local users to gain privileges or cause a denial of service via unknown vectors.
- CVE-2009-2684Oct 13, 2009risk 0.03cvss —epss 0.02
Multiple cross-site scripting (XSS) vulnerabilities in Jetdirect and the Embedded Web Server (EWS) on certain HP LaserJet and Color LaserJet printers, and HP Digital Senders, allow remote attackers to inject arbitrary web script or HTML via the (1) Product_URL or (2) Tech_URL…
- CVE-2009-1422Jul 14, 2009risk 0.03cvss —epss 0.05
Unspecified vulnerability in HP ProCurve Threat Management Services zl Module (J9155A) ST.1.0.090213 and earlier allows remote attackers to gain privileges via unknown vectors, aka PR_41209.
- CVE-2008-0952Jun 4, 2008risk 0.03cvss —epss 0.06
The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to create files with arbitrary content via a full pathname in the first argument and the content in the second…
- CVE-2008-0068Apr 16, 2008risk 0.03cvss —epss 0.05
Directory traversal vulnerability in OpenView5.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to read arbitrary files via directory traversal sequences in the Action parameter.
- CVE-2007-6513Dec 21, 2007risk 0.03cvss —epss 0.02
HP eSupportDiagnostics ActiveX control (hpediag.dll) 1.0.11.0 exports dangerous methods, which allows remote attackers to (1) read arbitrary files via the ReadTextFile method, or (2) read arbitrary registry values via the ReadValue method.
- CVE-2007-3649Jul 10, 2007risk 0.03cvss —epss 0.05
Absolute path traversal vulnerability in a certain ActiveX control in hpqvwocx.dll 2.1.0.556 in Hewlett-Packard (HP) Digital Imaging allows remote attackers to create or overwrite arbitrary files via the second argument to the SaveToFile method.
- CVE-2007-2656May 14, 2007risk 0.03cvss —epss 0.04
Stack-based buffer overflow in the Hewlett-Packard (HP) Magview ActiveX control in hpqvwocx.dll 1.0.0.309 allows remote attackers to cause a denial of service (application crash) and possibly have other impact via a long argument to the DeleteProfile method.
- CVE-2007-2553May 9, 2007risk 0.03cvss —epss 0.01
Unspecified vulnerability in dop in HP Tru64 UNIX 5.1B-4, 5.1B-3, and 5.1A PK6 allows local users to gain privileges via a large amount of data in the environment, as demonstrated by a long environment variable.
- CVE-2007-1882Apr 6, 2007risk 0.03cvss —epss 0.06
qcbin/servlet/tdservlet/TDAPI_GeneralWebTreatment in HP Mercury Quality Center 9.0 build 9.1.0.4352 allows remote authenticated users to execute arbitrary SQL commands via the RunQuery method.
- CVE-2007-1772Mar 30, 2007risk 0.03cvss —epss 0.03
The FTP service in HP JetDirect print servers allows remote attackers to cause a denial of service (engine crash) via a RETR command with a long pathname.
- CVE-2007-0805Feb 7, 2007risk 0.03cvss —epss 0.01
The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the "auxewww" argument, a similar issue to CVE-1999-1587.
- CVE-2007-0161Jan 10, 2007risk 0.03cvss —epss 0.01
The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, uses insecure SERVICE_CHANGE_CONFIG DACL permissions, which allows local users to gain privileges and execute arbitrary programs, as demonstrated by modifying the binpath argument,…
- CVE-2006-5557Oct 27, 2006risk 0.03cvss —epss 0.01
Stack-based buffer overflow in the (1) swpackage and (2) swmodify commands in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long -S argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to…
- CVE-2006-5556Oct 27, 2006risk 0.03cvss —epss 0.01
Buffer overflow in the localtime_r function, and certain other functions, in libc in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long TZ environment variable.
- CVE-2006-1654Apr 6, 2006risk 0.03cvss —epss 0.05
Directory traversal vulnerability in the HP Color LaserJet 2500 Toolbox and Color LaserJet 4600 Toolbox on Microsoft Windows before 20060402 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request to TCP port 5225.
- CVE-2005-1370May 3, 2005risk 0.03cvss —epss 0.06
Unknown vulnerability in Radia Management Agent (RMA) in HP OpenView Radia Management Portal (RMP) 1.x and 2.x allows remote attackers to execute arbitrary commands via unknown vectors.
- CVE-2004-2748Dec 31, 2004risk 0.03cvss —epss 0.05
viewreport.pl in NetIQ WebTrends Reporting Center Enterprise Edition 6.1a allows remote attackers to determine the installation path via an invalid profileid parameter, which leaks the pathname in an error message.
- CVE-2004-0492Aug 6, 2004risk 0.03cvss —epss 0.34
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be…
- CVE-2003-1358Dec 31, 2003risk 0.03cvss —epss 0.01
rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program.
- CVE-2003-1097Dec 31, 2003risk 0.03cvss —epss 0.04
Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local users to gain privileges via a long -l option.
- CVE-2003-1375Dec 31, 2003risk 0.03cvss —epss 0.02
Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument.
- CVE-2003-1359Dec 31, 2003risk 0.03cvss —epss 0.01
Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument.
- CVE-2003-1461Dec 31, 2003risk 0.03cvss —epss 0.02
Buffer overflow in rwrite for HP-UX 11.0 could allow local users to execute arbitrary code via a long argument. NOTE: the vendor was unable to reproduce the problem on a system that had been patched for an lp vulnerability (CVE-2002-1473).
- CVE-2003-0089Dec 15, 2003risk 0.03cvss —epss 0.01
Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) swinstall and (2) swmodify.
- CVE-2003-0840Nov 17, 2003risk 0.03cvss —epss 0.01
Buffer overflow in dtprintinfo on HP-UX 11.00, and possibly other operating systems, allows local users to gain root privileges via a long DISPLAY environment variable.
- CVE-2002-1473Apr 22, 2003risk 0.03cvss —epss 0.04
Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code.
- CVE-2002-1513Apr 2, 2003risk 0.03cvss —epss 0.01
The UCX POP server in HP TCP/IP services for OpenVMS 4.2 through 5.3 allows local users to truncate arbitrary files via the -logfile command line option, which overrides file system permissions because the server runs with the SYSPRV and BYPASS privileges.
- CVE-2002-0370Oct 10, 2002risk 0.03cvss —epss 0.43
Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME,…
- CVE-2002-0991Oct 4, 2002risk 0.03cvss —epss 0.02
Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S, (5) -N, or (6) -u parameters.
- CVE-2002-1614Sep 9, 2002risk 0.03cvss —epss 0.02
Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at.
- CVE-2002-1616Aug 1, 2002risk 0.03cvss —epss 0.04
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain root privileges via (1) su, (2) chsh, (3) passwd, (4) chfn, (5) dxchpwd, and (6) libc.
- CVE-2002-0250May 29, 2002risk 0.03cvss —epss 0.04
Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier, allows unauthorized users to bypass authentication via a direct HTTP request to the web_access.html file, which allows the user to change the switch's configuration…
- CVE-2001-0979Sep 3, 2001risk 0.03cvss —epss 0.02
Buffer overflow in swverify in HP-UX 11.0, and possibly other programs, allows local users to gain privileges via a long command line argument.
- CVE-2001-0208Jun 2, 2001risk 0.03cvss —epss 0.01
MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the mfaslmf directory and the nolicense file with insecure permissions, which allows local users to gain privileges by modifying files.
- CVE-2000-1134Jan 9, 2001risk 0.03cvss —epss 0.01
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
- CVE-2000-1127Jan 9, 2001risk 0.03cvss —epss 0.01
registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to which registrar appends log information and sets the permissions to be world…
- CVE-2000-1028Dec 11, 2000risk 0.03cvss —epss 0.01
Buffer overflow in cu program in HP-UX 11.0 may allow local users to gain privileges via a long -l command line argument.
- CVE-2000-0702Oct 20, 2000risk 0.03cvss —epss 0.01
The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file.
- CVE-2000-0636Jul 19, 2000risk 0.03cvss —epss 0.04
HP JetDirect printers versions G.08.20 and H.08.20 and earlier allow remote attackers to cause a denial of service via a malformed FTP quote command.
Page 22 of 46