RSS   Vulnerabilities for 'Ewave servletexec'   RSS

2001-01-09
 
CVE-2000-1114

 

 
Unify ServletExec AS v3.0C allows remote attackers to read source code for JSP pages via an HTTP request that ends with characters such as ".", or "+", or "%20".

 
2000-12-11
 
CVE-2000-1025

CWE-Other
 

 
eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running.

 
 
CVE-2000-1024

 

 
eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands.

 
2000-06-08
 
CVE-2000-0498

 

 
Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.

 

 >>> Vendor: Unify 12 Products
Ewave servletexec
Openscape desk phone ip 55g hfa firmware
Openscape desk phone ip 35g eco sip firmware
Openscape desk phone ip 35g hfa firmware
Openstage 20e firmware
Openstage 40 firmware
Openstage 60 firmware
Openscape desk phone ip 55g sip firmware
Openstage 20 firmware
Openscape desk phone ip 35g sip firmware
Openstage 15 firmware
Openscape deployment service


Copyright 2024, cxsecurity.com

 

Back to Top