Vulnerabilities (CVE)

Filtered by vendor Proofpoint Subscribe
Filtered by product Protection Server
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-1905 1 Proofpoint 2 Messaging Security Gateway, Protection Server 2024-02-28 6.8 MEDIUM N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in unspecified administrative modules in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allow remote attackers to hijack the authentication of administrators via unknown vectors.
CVE-2011-1901 1 Proofpoint 2 Messaging Security Gateway, Protection Server 2024-02-28 7.5 HIGH N/A
The mail-filter web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to bypass authentication via unspecified vectors.
CVE-2011-1904 1 Proofpoint 2 Messaging Security Gateway, Protection Server 2024-02-28 7.5 HIGH N/A
An unspecified function in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary commands via unknown vectors, related to a "command injection" issue.
CVE-2011-1902 1 Proofpoint 2 Messaging Security Gateway, Protection Server 2024-02-28 5.0 MEDIUM N/A
Directory traversal vulnerability in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2011-1903 1 Proofpoint 2 Messaging Security Gateway, Protection Server 2024-02-28 7.5 HIGH N/A
SQL injection vulnerability in an unspecified function in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors.