Computer Security
[EN] securityvulns.ru no-pyccku


EMC Avamar secrurity vulnerabilities
Published:17.03.2011
Source:
SecurityVulns ID:11506
Type:remote
Threat Level:
5/10
Description:Information leakage, privilege escalation.
Affected:EMC : Avamar 4.1
 EMC : Avamar 5.0
CVE:CVE-2011-0648 (Unspecified vulnerability in EMC Avamar before 5.0.4-30 allows remote authenticated users to gain privileges via unknown vectors.)
 CVE-2011-0442 (The service utility in EMC Avamar 5.x before 5.0.4 uses cleartext to transmit event details in (1) service requests and (2) e-mail messages, which might allow remote attackers to obtain sensitive information by sniffing the network.)
Original documentdocumentEMC, ESA-2011-007: EMC Avamar sensitive information disclosure vulnerability (17.03.2011)

SAP GUI DLL hijacking
Published:17.03.2011
Source:
SecurityVulns ID:11508
Type:client
Threat Level:
4/10
Description:DLL hijacking by placing .sap files in network floder.
Affected:SAP : SAP GUI 6.40
 SAP : SAP GUI 7.20
Original documentdocumentAlexandr Polyakov, [DSECRG-11-014] SAP GUI (sapgui) - DLL hijacking (17.03.2011)

RSA Access Manager Server unauthorized access
Published:17.03.2011
Source:
SecurityVulns ID:11507
Type:remote
Threat Level:
5/10
Affected:EMC : RSA Access Manager Server 5.5
 EMC : RSA Access Manager Server 6.0
 EMC : RSA Access Manager Server 6.1
CVE:CVE-2011-0322 (Unspecified vulnerability in EMC RSA Access Manager Server 5.5.x, 6.0.x, and 6.1.x allows remote attackers to access resources via unknown vectors.)
Original documentdocumentEMC, ESA-2011-009: RSA, The Security Division of EMC, announces a fix for potential security vulnerability in RSA Access Manager Server (17.03.2011)

SAP Crystal Reports Server crossite scripting
Published:17.03.2011
Source:
SecurityVulns ID:11509
Type:remote
Threat Level:
5/10
Description:Multiple crossite scripting vulnerabilities.
Affected:SAP : Crystal Report Server 2008
Original documentdocumentAlexandr Polyakov, [DSECRG-11-011] SAP Crystal Reports 2008 - Multiple XSS (17.03.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod