Filtered by vendor 4d
Subscribe
Total
13 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-4770 | 2 4d, Microsoft | 3 4d, Server, Windows | 2024-02-28 | N/A | 7.8 HIGH |
An uncontrolled search path element vulnerability has been found on 4D and 4D server Windows executables applications, affecting version 19 R8 100218. This vulnerability consists in a DLL hijacking by replacing x64 shfolder.dll in the installation path, causing an arbitrary code execution. | |||||
CVE-2023-30222 | 1 4d | 1 Server | 2024-02-28 | N/A | 7.5 HIGH |
An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and earlier allows attackers to retrieve password hashes for all users via eavesdropping. | |||||
CVE-2023-30223 | 1 4d | 1 Server | 2024-02-28 | N/A | 7.5 HIGH |
A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containing requests to perform arbitrary actions. | |||||
CVE-2005-1507 | 1 4d | 1 Webstar | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in the Tomcat plugin in 4d WebSTAR 5.33 and 5.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL. | |||||
CVE-2005-3143 | 1 4d | 1 Webstar | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the Mailbox Server for 4D WebStar before 5.3.5 allows attackers to cause a denial of service (crash) via IMAP clients on Mac OS X 10.4 Mail 2. | |||||
CVE-2004-0081 | 23 4d, Apple, Avaya and 20 more | 66 Webstar, Mac Os X, Mac Os X Server and 63 more | 2024-02-28 | 5.0 MEDIUM | N/A |
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | |||||
CVE-2004-0079 | 23 4d, Apple, Avaya and 20 more | 66 Webstar, Mac Os X, Mac Os X Server and 63 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | |||||
CVE-2004-0698 | 1 4d | 1 Webstar | 2024-02-28 | 3.6 LOW | N/A |
4D WebSTAR 5.3.2 and earlier allows local users to read and modify arbitrary files via a symlink attack. | |||||
CVE-2004-0697 | 1 4d | 1 Webstar | 2024-02-28 | 5.0 MEDIUM | N/A |
Unknown vulnerability in 4D WebSTAR 5.3.2 and earlier allows remote attackers to read the php.ini configuration file and possibly obtain sensitive information. | |||||
CVE-2004-0696 | 1 4d | 1 Webstar | 2024-02-28 | 5.0 MEDIUM | N/A |
The ShellExample.cgi script in 4D WebSTAR 5.3.2 and earlier allows remote attackers to list arbitrary directories via a URL with the desired path and a "*" (asterisk) character. | |||||
CVE-2004-0695 | 1 4d | 1 Webstar | 2024-02-28 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 and earlier allows remote attackers to execute arbitrary code via a long FTP command. | |||||
CVE-2000-0290 | 1 4d | 1 Webstar Http Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in Webstar HTTP server allows remote attackers to cause a denial of service via a long GET request. | |||||
CVE-2004-0112 | 24 4d, Apple, Avaya and 21 more | 65 Webstar, Mac Os X, Mac Os X Server and 62 more | 2024-02-28 | 5.0 MEDIUM | N/A |
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. |