RSS   Vulnerabilities for 'Webspeed messenger'   RSS

2007-04-30
 
CVE-2007-2354

CWE-Other
 

 
Progress Webspeed Messenger allows remote attackers to obtain sensitive information via a WService parameter containing "wsbroker1/webutil/about.r", which reveals the operating system and product information.

 
2007-04-25
 
CVE-2007-2266

CWE-Other
 

 
Progress Webspeed Messenger allows remote attackers to read, create, modify, and execute arbitrary files by invoking webutil/_cpyfile.p in the WService parameter to (1) cgiip.exe or (2) wsisa.dll in scripts/, as demonstrated by using the save,editor options to create a new file using the fileName parameter.

 

 >>> Vendor: Progress 14 Products
Webspeed
Progress
Database
4gl compiler
Webspeed messenger
Openedge
Sitefinity cms
Sitefinity
Kendo ui editor
Fiddler
Kendo ui
Ipswitch ws ftp server
Moveit transfer
Moveit automation


Copyright 2024, cxsecurity.com

 

Back to Top