Wolfram Research
Products
2- 3 CVEs
- 3 CVEs
Recent CVEs
6| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2002-0926 | 0.04 | — | 0.18 | Oct 4, 2002 | Directory traversal vulnerability in Wolfram Research webMathematica 1.0.0 and 1.0.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the MSPStoreID parameter. | ||
| CVE-2009-4814 | 0.03 | — | 0.02 | Apr 27, 2010 | Cross-site scripting (XSS) vulnerability in Wolfram Research webMathematica allows remote attackers to inject arbitrary web script or HTML via the URI to the MSP script. | ||
| CVE-2010-2027 | 0.00 | — | 0.00 | May 24, 2010 | Mathematica 7, when running on Linux, allows local users to overwrite arbitrary files via a symlink attack on (1) files within /tmp/MathLink/ or (2) /tmp/fonts$$.conf. | ||
| CVE-2009-4812 | 0.00 | — | 0.00 | Apr 27, 2010 | Wolfram Research webMathematica allows remote attackers to obtain sensitive information via a direct request to the MSP script, which reveals the installation path in an error message. | ||
| CVE-2001-1058 | 0.00 | — | 0.00 | Feb 13, 2002 | The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote attackers to bypass access control (specified by the -restrict argument) and steal a license via a client request that includes the name of a host that is allowed to obtain the license. | ||
| CVE-2001-1057 | 0.00 | — | 0.01 | Jul 30, 2001 | The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote attackers to cause a denial of service (resource exhaustion) by connecting to port 16286 and not disconnecting, which prevents users from making license requests. |
- CVE-2002-0926Oct 4, 2002risk 0.04cvss —epss 0.18
Directory traversal vulnerability in Wolfram Research webMathematica 1.0.0 and 1.0.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the MSPStoreID parameter.
- CVE-2009-4814Apr 27, 2010risk 0.03cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in Wolfram Research webMathematica allows remote attackers to inject arbitrary web script or HTML via the URI to the MSP script.
- CVE-2010-2027May 24, 2010risk 0.00cvss —epss 0.00
Mathematica 7, when running on Linux, allows local users to overwrite arbitrary files via a symlink attack on (1) files within /tmp/MathLink/ or (2) /tmp/fonts$$.conf.
- CVE-2009-4812Apr 27, 2010risk 0.00cvss —epss 0.00
Wolfram Research webMathematica allows remote attackers to obtain sensitive information via a direct request to the MSP script, which reveals the installation path in an error message.
- CVE-2001-1058Feb 13, 2002risk 0.00cvss —epss 0.00
The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote attackers to bypass access control (specified by the -restrict argument) and steal a license via a client request that includes the name of a host that is allowed to obtain the license.
- CVE-2001-1057Jul 30, 2001risk 0.00cvss —epss 0.01
The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote attackers to cause a denial of service (resource exhaustion) by connecting to port 16286 and not disconnecting, which prevents users from making license requests.