CVE-2016-1608
vaconfig/time in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ntpServer parameter.
Source: CVE-2016-1608
[월:] 2016년 08월
CVE-2016-1607 (filr)
CVE-2016-1607 (filr)
Multiple cross-site request forgery (CSRF) vulnerabilities in the administrative interface in Novell Filr before 2.0 Security Update 2 allow remote attackers to hijack the authentication of administrators, as demonstrated by reconfiguring time settings via a vaconfig/time request.
Source: CVE-2016-1607 (filr)
CVE-2016-1607
CVE-2016-1607
Multiple cross-site request forgery (CSRF) vulnerabilities in the administrative interface in Novell Filr before 2.0 Security Update 2 allow remote attackers to hijack the authentication of administrators, as demonstrated by reconfiguring time settings via a vaconfig/time request.
Source: CVE-2016-1607
CVE-2016-1605 (sentinel)
CVE-2016-1605 (sentinel)
Directory traversal vulnerability in the ReportViewServlet servlet in the server in NetIQ Sentinel 7.4.x before 7.4.2 allows remote attackers to read arbitrary files via a PREVIEW value for the fileType field.
Source: CVE-2016-1605 (sentinel)
CVE-2016-1605
CVE-2016-1605
Directory traversal vulnerability in the ReportViewServlet servlet in the server in NetIQ Sentinel 7.4.x before 7.4.2 allows remote attackers to read arbitrary files via a PREVIEW value for the fileType field.
Source: CVE-2016-1605
CVE-2016-1461 (email_security_appliance)
CVE-2016-1461 (email_security_appliance)
Cisco AsyncOS on Email Security Appliance (ESA) devices through 9.7.0-125 allows remote attackers to bypass malware detection via a crafted attachment in an e-mail message, aka Bug ID CSCuz14932.
CVE-2016-1461
CVE-2016-1461
Cisco AsyncOS on Email Security Appliance (ESA) devices through 9.7.0-125 allows remote attackers to bypass malware detection via a crafted attachment in an e-mail message, aka Bug ID CSCuz14932.
Source: CVE-2016-1461