RSS   Vulnerabilities for 'Network camera server vb101'   RSS

2007-05-14
 
CVE-2007-2680

 

 
Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

 
2007-03-02
 
CVE-2006-7065

 

 
Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference.

 
2006-07-05
 
CVE-2006-3354

 

 
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference.

 
2006-06-07
 
CVE-2006-2900

CWE-200
 

 
Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the user submits the form.

 
2006-04-11
 
CVE-2006-1192

CWE-20
 

 
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to another site, aka the "Address Bar Spoofing Vulnerability." NOTE: this is a different vulnerability than CVE-2006-1626.

 
 
CVE-2006-1188

CWE-Other
 

 
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption.

 
 
CVE-2006-1185

CWE-Other
 

 
Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption.

 
2005-12-31
 
CVE-2005-4827

CWE-Other
 

 
Internet Explorer 6.0, and possibly other versions, allows remote attackers to bypass the same origin security policy and make requests outside of the intended domain by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) and using tab, newline, and carriage return characters within the first argument (method name), which is supported by some proxy servers that convert tabs to spaces. NOTE: this issue can be leveraged to conduct referer spoofing, HTTP Request Smuggling, and other attacks.

 

 >>> Vendor: Canon 34 Products
Imagerunner 5000i
Imagerunner c3200
Network camera server vb101
Imagerunner 2620
Imagerunner 5020
Imagerunner 6870
Imagerunner 8500
Imagerunner 9070
Imagerunner c3220
Imagerunner c6800
Network camera server vb100
Network camera server vb150
I-sensys
Imagepress
Imagerunner
Mg3100 printer
Mg5300 printer
Mg6100 printer
Mp340 printer
Mp495 printer
Mx870 printer
Mx890 printer
Mx920 printer
Mx922 printer
Pixma mg7500 series inkjet printer
Lbp3370 firmware
Lbp3460 firmware
Lbp6650 firmware
Lbp7750c firmware
Efi printme
Mf210 firmware
Mf220 firmware
Lbp6030w firmware
Lbp7110cw firmware


Copyright 2019, cxsecurity.com

 

Back to Top