Rhinosoft
Products
4- 3 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
7| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2009-4873 | 0.08 | — | 0.60 | May 26, 2010 | Stack-based buffer overflow in the HTTP server in Rhino Software Serv-U Web Client 9.0.0.5 allows remote attackers to cause a denial of service (server crash) or execute arbitrary code via a long Session cookie. | ||
| CVE-2004-1691 | 0.04 | — | 0.08 | Sep 18, 2004 | The Web Server in DNS4Me 3.0.0.4 allows remote attackers to cause a denial of service (CPU consumption and crash) via a large amount of data. | ||
| CVE-2007-1079 | 0.03 | — | 0.06 | Feb 22, 2007 | Stack-based buffer overflow in Rhino Software, Inc. FTP Voyager 14.0.0.3 and earlier allows remote servers to cause a denial of service (crash) via a long response to a CWD command, which triggers the overflow when the user aborts the command. | ||
| CVE-2004-1939 | 0.03 | — | 0.01 | Apr 14, 2004 | Cross-site scripting (XSS) vulnerability in Zaep AntiSpam 2.0 allows remote attackers to inject arbitrary web script or HTML via double encoded slashes (%252F) in the key parameter. | ||
| CVE-2010-4154 | 0.00 | — | 0.00 | Nov 3, 2010 | Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager 15.2.0.11, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename. | ||
| CVE-2004-1690 | 0.00 | — | 0.01 | Sep 18, 2004 | Cross-site scripting (XSS) vulnerability in the Web Server in DNS4Me 3.0.0.4 allows remote attackers to execute arbitrary web script or HTML via the URL. | ||
| CVE-2001-1103 | 0.00 | — | 0.01 | Mar 3, 2001 | FTP Voyager ActiveX control before 8.0, when it is marked as safe for scripting (the default) or if allowed by the IObjectSafety interface, allows remote attackers to execute arbitrary commands. |
- CVE-2009-4873May 26, 2010risk 0.08cvss —epss 0.60
Stack-based buffer overflow in the HTTP server in Rhino Software Serv-U Web Client 9.0.0.5 allows remote attackers to cause a denial of service (server crash) or execute arbitrary code via a long Session cookie.
- CVE-2004-1691Sep 18, 2004risk 0.04cvss —epss 0.08
The Web Server in DNS4Me 3.0.0.4 allows remote attackers to cause a denial of service (CPU consumption and crash) via a large amount of data.
- CVE-2007-1079Feb 22, 2007risk 0.03cvss —epss 0.06
Stack-based buffer overflow in Rhino Software, Inc. FTP Voyager 14.0.0.3 and earlier allows remote servers to cause a denial of service (crash) via a long response to a CWD command, which triggers the overflow when the user aborts the command.
- CVE-2004-1939Apr 14, 2004risk 0.03cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in Zaep AntiSpam 2.0 allows remote attackers to inject arbitrary web script or HTML via double encoded slashes (%252F) in the key parameter.
- CVE-2010-4154Nov 3, 2010risk 0.00cvss —epss 0.00
Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager 15.2.0.11, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
- CVE-2004-1690Sep 18, 2004risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in the Web Server in DNS4Me 3.0.0.4 allows remote attackers to execute arbitrary web script or HTML via the URL.
- CVE-2001-1103Mar 3, 2001risk 0.00cvss —epss 0.01
FTP Voyager ActiveX control before 8.0, when it is marked as safe for scripting (the default) or if allowed by the IObjectSafety interface, allows remote attackers to execute arbitrary commands.