Computer Security
[EN] securityvulns.ru no-pyccku


NetIQ eDirectory NDS iMonitor security vulnerabilities
Published:22.12.2014
Source:
SecurityVulns ID:14156
Type:remote
Threat Level:
5/10
Description:Crossite scripting, information leakage.
Affected:NETIQ : eDirectory NDS iMonitor 8.8
CVE:CVE-2014-5213 (nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote authenticated users to obtain sensitive information from process memory via a direct request.)
 CVE-2014-5212 (Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote attackers to inject arbitrary web script or HTML via the rdn parameter.)
Original documentdocumentSEC Consult Vulnerability Lab, SEC Consult SA-20141219-0 :: XSS & Memory Disclosure vulnerabilities in NetIQ eDirectory NDS iMonitor (22.12.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod