Vulnerabilities > 3Com > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-05-27 | CVE-2010-2103 | Cross-Site Scripting vulnerability in Apache Axis2 1.4.1/1.5.1 Cross-site scripting (XSS) vulnerability in axis2-admin/axis2-admin/engagingglobally in the administration console in Apache Axis2/Java 1.4.1, 1.5.1, and possibly other versions, as used in SAP Business Objects 12, 3com IMC, and possibly other products, allows remote attackers to inject arbitrary web script or HTML via the modules parameter. | 4.3 |
| 2007-07-03 | CVE-2007-3533 | Remote Denial of Service vulnerability in 3Com 3Cnj220 2.0.22 The 3Com IntelliJack Switch NJ220 before 2.0.23 allows remote attackers to cause a denial of service (reboot and reporting outage) via a loopback packet with zero in the length field. | 5.0 |
| 2007-06-11 | CVE-2006-3974 | Cross-Site Scripting vulnerability in 3Com 3Cr860-95 1.04 Cross-site scripting (XSS) vulnerability in cgi-bin/admin in 3Com OfficeConnect Secure Router with firmware 1.04-168 allows remote attackers to inject arbitrary web script or HTML via the tk parameter. network 3com | 4.3 |
| 2006-07-26 | CVE-2006-3678 | 7PK - Security Features vulnerability in 3Com Tippingpoint IPS TOS TippingPoint IPS running the TippingPoint Operating System (TOS) before 2.2.4.6519 allows remote attackers to "force the device into layer 2 fallback (L2FB)", causing a denial of service (page fault), via a malformed packet. | 5.0 |
| 2006-05-10 | CVE-2006-0993 | Information Disclosure vulnerability in 3Com Tippingpoint SMS Server 2.2.1.4477 The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive information such as configuration settings. | 5.0 |
| 2006-04-26 | CVE-2006-2054 | Remote Denial Of Service vulnerability in 3Com 3C16486 1.0.2 3Com Baseline Switch 2848-SFP Plus Model #3C16486 with firmware before 1.0.2.0 allows remote attackers to cause a denial of service (unstable operation) via long DHCP packets. | 5.0 |
| 2005-09-08 | CVE-2005-2020 | Unspecified vulnerability in 3Com 3C15100D 5.0.2 Directory traversal vulnerability in the web server for 3Com Network Supervisor 5.0.2 allows remote attackers to read arbitrary files via ".." sequences in the URL to TCP port 21700. | 5.0 |
| 2005-07-27 | CVE-2005-2391 | Information Disclosure Vulnerabilit in OfficeConnect Wireless11g Access Point 3CRWE454G72 Unknown vulnerability in 3Com OfficeConnect Wireless 11g Access Point before 1.03.12 allows remote attackers to obtain sensitive information via the web interface. | 5.0 |
| 2005-05-02 | CVE-2005-0278 | Remote vulnerability in 3Com 3Cdaemon 2.0 The FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to gain sensitive information via a cd command that contains an MS-DOS device name, which reveals the installation path in an error message. | 5.0 |
| 2005-05-02 | CVE-2005-0277 | Remote vulnerability in 3Com 3Cdaemon 2.0 Buffer overflow in the FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via (1) a long username in the USER command or (2) an FTP command that contains a long argument, such as cd, send, or ls. | 5.0 |