|
299231
|
- |
|
ibm
|
lotus_mobile_connect
|
The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 disables the http.device.stanza blacklisting functionality for HTTP Access Services (HTTP-AS), which allows remote attackers to bypass …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4595
|
2024-11-21 10:21 |
2010-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299232
|
- |
|
ibm
|
lotus_mobile_connect
|
The Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not properly process TCP connection requests, which allows remote attackers to ca…
|
CWE-399
Resource Management Errors
|
CVE-2010-4594
|
2024-11-21 10:21 |
2010-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299233
|
- |
|
ibm
|
lotus_mobile_connect
|
The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 does not properly maintain a certain reference count, which allows remote authenticated users to cause a denial of service (IP address …
|
CWE-399
Resource Management Errors
|
CVE-2010-4593
|
2024-11-21 10:21 |
2010-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299234
|
- |
|
ibm
|
lotus_mobile_connect
|
The Mobile Network Connections functionality in the Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not properly handle failed attemp…
|
CWE-399
Resource Management Errors
|
CVE-2010-4592
|
2024-11-21 10:21 |
2010-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299235
|
- |
|
ibm
|
lotus_mobile_connect
|
The Connection Manager in IBM Lotus Mobile Connect (LMC) before 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not delete LTPA tokens in response to use of the iNotes Logoff button, whic…
|
CWE-287
Improper Authentication
|
CVE-2010-4591
|
2024-11-21 10:21 |
2010-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299236
|
- |
|
ibm
|
lotus_mobile_connect
|
Cross-site scripting (XSS) vulnerability in HTTP Access Services (HTTP-AS) in the Connection Manager in IBM Lotus Mobile Connect (LMC) before 6.1.4 allows remote attackers to inject arbitrary web scr…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4590
|
2024-11-21 10:21 |
2010-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299237
|
- |
|
ibm
|
enovia
|
Cross-site scripting (XSS) vulnerability in IBM ENOVIA 6 allows remote attackers to inject arbitrary web script or HTML via vectors related to the emxFramework.FilterParameterPattern property.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4589
|
2024-11-21 10:21 |
2010-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299238
|
- |
|
vmware
|
esxi
|
The Update Installer in VMware ESXi 4.1, when a modified sfcb.cfg is present, does not properly configure the SFCB authentication mode, which allows remote attackers to obtain access via an arbitrary…
|
CWE-287
Improper Authentication
|
CVE-2010-4573
|
2024-11-21 10:21 |
2010-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299239
|
- |
|
opera
|
opera_browser
|
Opera before 11.00 on Windows does not properly implement the Insecure Third Party Module warning message, which might make it easier for user-assisted remote attackers to have an unspecified impact …
|
NVD-CWE-Other
|
CVE-2010-4587
|
2024-11-21 10:21 |
2010-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299240
|
- |
|
opera
|
opera_browser
|
The default configuration of Opera before 11.00 enables WebSockets functionality, which has unspecified impact and remote attack vectors, possibly a related issue to CVE-2010-4508.
|
CWE-16
Configuration
|
CVE-2010-4586
|
2024-11-21 10:21 |
2010-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
