RSS   Podatności dla 'Rumba'   RSS

2016-11-03
 
CVE-2016-9176

 

 
Stack buffer overflow in the send.exe and receive.exe components of Micro Focus Rumba 9.4 and earlier could be used by local attackers or attackers able to inject arguments to these binaries to execute code.

 
2016-07-02
 
CVE-2016-5228

 

 
Stack-based buffer overflow in the PlayMacro function in ObjectXMacro.ObjectXMacro in WdMacCtl.ocx in Micro Focus Rumba 9.x before 9.3 HF 11997 and 9.4.x before 9.4 HF 12815 allows remote attackers to execute arbitrary code via a long MacroName argument. NOTE: some references mention CVE-2016-5226 but that is not a correct ID for any Rumba vulnerability.

 
 
CVE-2016-1606

 

 
Multiple stack-based buffer overflows in COM objects in Micro Focus Rumba 9.4.x before 9.4 HF 13960 allow remote attackers to execute arbitrary code via (1) the NetworkName property value to ObjectXSNAConfig.ObjectXSNAConfig in iconfig.dll, (2) the CPName property value to ObjectXSNAConfig.ObjectXSNAConfig in iconfig.dll, (3) the PrinterName property value to ProfileEditor.PrintPasteControl in ProfEdit.dll, (4) the Data argument to the WriteRecords function in FTXBIFFLib.AS400FtxBIFF in FtxBIFF.dll, (5) the Serialized property value to NMSECCOMPARAMSLib.SSL3 in NMSecComParams.dll, (6) the UserName property value to NMSECCOMPARAMSLib.FirewallProxy in NMSecComParams.dll, (7) the LUName property value to ProfileEditor.MFSNAControl in ProfEdit.dll, (8) the newVal argument to the Load function in FTPSFTPLib.SFtpSession in FTPSFtp.dll, or (9) a long Host field in the FTP Client.

 

 >>> Vendor: Microfocus 68 Produkty
Directory server
Enterprise server
Netware
Client
Cobol
Edirectory
Rumba
Open enterprise server
Identity manager
Access manager
Service manager
Visibroker
Operations agent
Project and portfolio management center
Reflection for the web
Data protector
Network automation
Connected backup
Fortify software security center
Arcsight logger
Arcsight enterprise security manager
Verastream host integrator
Unified functional testing
Operations manager i
Service virtualization
Network virtualization
FILR
Content manager
Arcsight management center
Rumba ftp
Host access management and security server
Reflection security gateway
Reflection zfe
VIBE
Enterprise server monitor and control
Enterprise developer
Arcsight enterprise security manager express
Application performance management
Ucmdb configuration manager
Bi-directional driver
Project and portfolio management
Fortify audit workbench
Universal cmdb foundation software
Cms server
Universal cmdb
Universal cmdb browser
Data center automation
Hybrid cloud management
Network operations management
Operations bridge
Service management automation
Real user monitoring
Netiq edirectory
Solutions business manager
Netiq self service password reset
Verastream host integrato
Service manager chat server
Service manager chat service
Acutoweb
Service manager automation
Secure messaging gateway
Operation bridge reporter
IDOL
Operations bridge manager
Application automation tools
Netiq advanced authentication
Voltage securemail
Netiq access manager


Copyright 2024, cxsecurity.com

 

Back to Top