RSS   Podatności dla 'Enterprise server'   RSS

2016-04-22
 
CVE-2016-3126

 

 
Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

 
 
CVE-2016-1918

 

 
Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-1917.

 
 
CVE-2016-1917

 

 
Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-1918.

 
 
CVE-2016-1916

 

 
Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote authenticated users to inject arbitrary web script or HTML by leveraging basic administrative access to create a crafted policy, leading to improper rendering on a certain Export IT screen.

 
2015-11-19
 
CVE-2015-4112

 

 
The Management Console in BlackBerry Enterprise Server (BES) 12 before 12.2 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site, related to a "cross frame scripting" issue.

 
2014-08-18
 
CVE-2014-1469

 

 
BlackBerry Enterprise Server 5.x before 5.0.4 MR7 and Enterprise Service 10.x before 10.2.2 log cleartext credentials during exception handling, which allows local users to obtain sensitive information by reading the exception log file.

 
2014-02-14
 
CVE-2014-1467

CWE-255
 

 
BlackBerry Enterprise Service 10 before 10.2.1, Universal Device Service 6, Enterprise Server Express for Domino through 5.0.4, Enterprise Server Express for Exchange through 5.0.4, Enterprise Server for Domino through 5.0.4 MR6, Enterprise Server for Exchange through 5.0.4 MR6, and Enterprise Server for GroupWise through 5.0.4 MR6 log cleartext credentials during exception handling, which might allow context-dependent attackers to obtain sensitive information by reading a log file.

 
2008-07-21
 
CVE-2008-3246

CWE-noinfo
 

 
Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file attachment.

 

 >>> Vendor: Blackberry 28 Produkty
Enterprise server
Unite
Blackberry tablet os
Qnx momentics tool suite
Qnx software development platform
Qnx neutrino rtos
Z10
Blackberry os
Blackberry enterprise service
Blackberry link
Blackberry universal device service
Enterprise server express
Blackberry z10
Q10
Q5
Z30
Blackberry world
Good enterprise mobility server
Enterprise service
VAPP
Appliance-x
Good control server
Unified endpoint manager
Workspaces
Workspaces appliance-x
Workspaces vapp
Enterprise mobility server
Unified endpoint management


Copyright 2020, cxsecurity.com

 

Back to Top