CyberSecurityBoard
Sponsor Register Login

CVE-2001-0658

Cross-site scripting (CSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause other clients to execute certain script or read cookies via malicious script in an invalid URL that is not properly quoted in an error message.

Publication date: Thu, 20 Sep 2001 09:00:00 +0000


Cyber News related to CVE-2001-0658

CVE-2021-47146 - In the Linux kernel, the following vulnerability has been resolved: ...
1 year ago
CVE-2001-0658 - Cross-site scripting (CSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause other clients to execute certain script or read cookies via malicious script in an invalid URL that is not ...
6 years ago
CVE-2001-1492 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2001-1460. Reason: This candidate is a refinement duplicate of CVE-2001-1460. Notes: All CVE users should reference CVE-2001-1460 instead of this candidate. All references and ...
55 years ago Tenable.com
CVE-2001-1121 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2001-1084. Reason: This candidate is a duplicate of CVE-2001-1084. Notes: All CVE users should reference CVE-2001-1084 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com
CVE-2001-1167 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2001-0976. Reason: This candidate is a duplicate of CVE-2001-0976. Notes: CVE-2001-0976 should be used instead of this candidate. All references and descriptions in this candidate ...
55 years ago Tenable.com
CVE-2019-0658 - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0648. ...
4 years ago
CVE-2019-0648 - An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data.To exploit the vulnerability, an ...
4 years ago
CVE-2007-5156 - Incomplete blacklist vulnerability in editor/filemanager/upload/php/upload.php in FCKeditor, as used in SiteX CMS 0.7.3.beta, La-Nai CMS, Syntax CMS, Cardinal Cms, and probably other products, allows remote attackers to upload and execute arbitrary ...
4 years ago
CVE-2009-0927 - Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different ...
6 years ago
CVE-2006-2529 - editor/filemanager/upload/php/upload.php in FCKeditor before 2.3 Beta, when the upload feature is enabled, does not verify the Type parameter, which allows remote attackers to upload arbitrary file types. NOTE: It is not clear whether this is ...
14 years ago
CVE-2007-3163 - Incomplete blacklist vulnerability in the filemanager in Frederico Caldeira Knabben FCKeditor 2.4.2 allows remote attackers to upload arbitrary .php files via an alternate data stream syntax, as demonstrated by .php::$DATA filenames, a related issue ...
7 years ago
CVE-2008-0658 - slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698. ...
6 years ago
CVE-2021-0658 - In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ...
3 years ago
CVE-2000-0658 - Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long USER command in the POP3 protocol. ...
16 years ago
CVE-2012-0658 - Buffer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio sample tables in a movie file that is progressively downloaded. ...
13 years ago
CVE-2013-0658 - Heap-based buffer overflow in RFManagerService.exe in Schneider Electric Accutech Manager 2.00.1 and earlier allows remote attackers to execute arbitrary code via a crafted HTTP request. ...
12 years ago
CVE-2002-0658 - OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack. ...
11 years ago
CVE-2015-0658 - The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on ...
9 years ago
CVE-2005-0658 - SQL injection vulnerability in a third party extension to TYPO3 allows remote attackers to execute arbitrary SQL commands via the category_uid parameter. ...
8 years ago
CVE-2016-0658 - Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to Optimizer. ...
8 years ago
CVE-2004-0658 - Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IEEE 1394 (Firewire) driver 2.4 and 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via the functions ...
7 years ago
CVE-2007-0658 - The (1) Textimage 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal and the (2) Captcha 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal allow remote attackers to bypass the CAPTCHA test via an empty captcha element in ...
7 years ago
CVE-2014-0658 - Cisco 9900 Unified IP phones allow remote attackers to cause a denial of service (unregistration) via a crafted SIP header, aka Bug ID CSCul24898. ...
7 years ago
CVE-2010-0658 - Multiple integer overflows in Skia, as used in Google Chrome before 4.0.249.78, allow remote attackers to execute arbitrary code in the Chrome sandbox or cause a denial of service (memory corruption and application crash) via vectors involving CANVAS ...
7 years ago
CVE-2006-0658 - Incomplete blacklist vulnerability in connector.php in FCKeditor 2.0 and 2.2, as used in products such as RunCMS, allows remote attackers to upload and execute arbitrary script files by giving the files specific extensions that are not listed in the ...
7 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)