Vulnerabilities > Badblue
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-04-28 | CVE-2008-2003 | Permissions, Privileges, and Access Controls vulnerability in Badblue 2.72 BadBlue 2.72 Personal Edition stores multiple programs in the web document root with insufficient access control, which allows remote attackers to (1) cause a denial of service via multiple invocations of uninst.exe, and have an unknown impact via (2) badblue.exe and (3) dyndns.exe. | 7.5 |
2007-12-15 | CVE-2007-6379 | Configuration vulnerability in Badblue BadBlue 2.72b and earlier allows remote attackers to obtain sensitive information via an invalid browse parameter, which reveals the installation path in an error message. | 5.0 |
2007-12-15 | CVE-2007-6378 | Path Traversal vulnerability in Badblue Directory traversal vulnerability in upload.dll in BadBlue 2.72b and earlier allows remote attackers to create or overwrite arbitrary files via a .. | 7.5 |
2007-12-15 | CVE-2007-6377 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Badblue Stack-based buffer overflow in the PassThru functionality in ext.dll in BadBlue 2.72b and earlier allows remote attackers to execute arbitrary code via a long query string. | 7.5 |