|
312481
|
- |
|
websense
|
websense_email_security
|
Websense Email Security 7.1 before Hotfix 4 allows remote attackers to bypass the sender-based blacklist by using the 8BITMIME EHLO keyword in the SMTP session.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-5121
|
2024-11-21 10:11 |
2012-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312482
|
- |
|
websense
|
websense_web_security
websense_web_filter
|
The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 allows connections to TCP port 1812 from arbitrary source IP addresses, which makes it e…
|
CWE-16
Configuration
|
CVE-2009-5120
|
2024-11-21 10:11 |
2012-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312483
|
- |
|
websense
|
websense_web_security
websense_web_filter
|
The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 enables weak SSL ciphers in conf/server.xml, which makes it easier for remote attackers …
|
CWE-16
Configuration
|
CVE-2009-5119
|
2024-11-21 10:11 |
2012-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312484
|
- |
|
mcafee
|
virusscan_enterprise
|
Untrusted search path vulnerability in McAfee VirusScan Enterprise before 8.7i allows local users to gain privileges via a Trojan horse DLL in an unspecified directory, as demonstrated by scanning a …
|
NVD-CWE-Other
|
CVE-2009-5118
|
2024-11-21 10:11 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312485
|
- |
|
mcafee
|
host_data_loss_prevention
|
The Web Post Protection feature in McAfee Host Data Loss Prevention (DLP) 3.x before 3.0.100.10 and 9.x before 9.0.0.422, when HTTP Capture mode is enabled, allows local users to obtain sensitive inf…
|
CWE-200
Information Exposure
|
CVE-2009-5117
|
2024-11-21 10:11 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312486
|
- |
|
mcafee
|
linuxshield
|
McAfee LinuxShield 1.5.1 and earlier does not properly implement client authentication, which allows remote authenticated users to obtain Admin access to the statistics server by leveraging a client …
|
CWE-287
Improper Authentication
|
CVE-2009-5116
|
2024-11-21 10:11 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312487
|
- |
|
mcafee
|
common_management_agent
|
McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by access…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-5115
|
2024-11-21 10:11 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312488
|
- |
|
mysql
oracle
|
mysql
|
The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows…
|
CWE-89
SQL Injection
|
CVE-2009-5026
|
2024-11-21 10:11 |
2012-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312489
|
- |
|
redhat
|
jboss_community_application_server
jboss_enterprise_application_platform
|
twiddle.sh in JBoss AS 5.0 and EAP 5.0 and earlier accepts credentials as command-line arguments, which allows local users to read the credentials by listing the process and its arguments.
|
CWE-255
Credentials Management
|
CVE-2009-5066
|
2024-11-21 10:11 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312490
|
- |
|
trustwave
opensuse
|
modsecurity
opensuse
|
ModSecurity before 2.5.11 treats request parameter values containing single quotes as files, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2009-5031
|
2024-11-21 10:11 |
2012-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
