Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 27908 of 28407

CVE-2017-5966

Posted by Cyberthreat Blog | May 23, 2017 | CVE Notifications |

Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators to read arbitrary files via an absolute path traversal attack on sitecore/shell/download.aspx with the file parameter.

CVE-2017-5965

Posted by Cyberthreat Blog | May 23, 2017 | CVE Notifications |

The package manager in Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators to execute arbitrary ASP code by creating a ZIP archive in which a .asp file has a .. in its pathname, visiting...

CVE-2015-5401

Posted by Cyberthreat Blog | May 22, 2017 | CVE Notifications |

Teradata Gateway before 15.00.03.02-1 and 15.10.x before 15.10.00.01-1 and TD Express before 15.00.02.08_Sles10 and 15.00.02.08_Sles11 allow remote attackers to cause a denial of service (database crash) via a malformed CONFIG...

CVE-2015-4045

Posted by Cyberthreat Blog | May 22, 2017 | CVE Notifications |

The sudoers file in the asset discovery scanner in AlienVault OSSIM before 5.0.1 allows local users to gain privileges via a crafted nmap script.

CVE-2015-5383

Posted by Cyberthreat Blog | May 22, 2017 | CVE Notifications |

Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to obtain sensitive information by reading files in the (1) config, (2) temp, or (3) logs directory.

Author: Cyberthreat Blog

CVE-2017-5966

CVE-2017-5965

CVE-2015-5401

CVE-2015-4045

CVE-2015-5383