RSS   Vulnerabilities for 'Openedge'   RSS

2017-10-31
 
CVE-2015-9245

CWE-284
 

 
Insecure default configuration in Progress Software OpenEdge 10.2x and 11.x allows unauthenticated remote attackers to specify arbitrary URLs from which to load and execute malicious Java classes via port 20931.

 
2014-11-12
 
CVE-2014-8555

 

 
Directory traversal vulnerability in report/reportViewAction.jsp in Progress Software OpenEdge 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the selection parameter.

 
2007-06-29
 
CVE-2007-3491

CWE-Other
 

 
Buffer overflow in _mprosrv in Progress Software OpenEdge before 9.1E0422, and 10.x before 10.1B01, allows remote attackers to have an unknown impact via a malformed TCP/IP message.

 
2007-07-15
 
CVE-2007-2417

CWE-Other
 

 
Heap-based buffer overflow in _mprosrv.exe in Progress Software Progress 9.1E and OpenEdge 10.1x, as used by the RSA Authentication Manager 6.0 and 6.1, SecurID Appliance 2.0, ACE/Server 5.2, and possibly other products, allows remote attackers to execute arbitrary code via crafted packets. NOTE: this issue might overlap CVE-2007-3491.

 

 >>> Vendor: Progress 10 Products
Webspeed
Progress
Database
4gl compiler
Webspeed messenger
Openedge
Sitefinity
Kendo ui editor
Sitefinity cms
Fiddler


Copyright 2019, cxsecurity.com

 

Back to Top