Vulnerabilities > Bluecoat > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-02-02 | CVE-2015-1454 | Cryptographic Issues vulnerability in Bluecoat Proxyclient and Unified Agent Blue Coat ProxyClient before 3.3.3.3 and 3.4.x before 3.4.4.10 and Unified Agent before 4.1.3.151952 does not properly validate certain certificates, which allows man-in-the-middle attackers to spoof ProxySG Client Managers, and consequently modify configurations and execute arbitrary software updates, via a crafted certificate. | 7.1 |
| 2014-03-02 | CVE-2014-2033 | Permissions, Privileges, and Access Controls vulnerability in Bluecoat Proxysgos The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, 6.1 through 6.1.6.3, 6.2 through 6.2.15.3, 6.4 through 6.4.6.1, and 6.3 and 6.5 before 6.5.4 allows remote authenticated users to bypass intended access restrictions during a time window after account deletion or modification by leveraging knowledge of previously valid credentials. | 7.9 |
| 2013-09-28 | CVE-2013-5959 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Bluecoat Proxysg and Proxysgos Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 allows remote attackers to cause a denial of service (memory consumption and dropped connections) via a recursive href in an HTML page, which triggers a large number of HTTP RW pipeline pre-fetch requests. | 7.1 |
| 2008-11-18 | CVE-2008-5121 | Permissions, Privileges, and Access Controls vulnerability in Citrix Deterministic Network Enhancer 2.21.7.223/3.21.7.17464 dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3) SafeNet SoftRemote and HighAssurance Remote, allows local users to gain privileges via a crafted DNE_IOCTL DeviceIoControl request to the \\.\DNE device interface. | 7.2 |
| 2007-02-06 | CVE-2007-0796 | Remote Heap Overflow vulnerability in Bluecoat Winproxy 6.0/6.1 Blue Coat Systems WinProxy 6.1a and 6.0 r1c, and possibly earlier, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long HTTP CONNECT request, which triggers heap corruption. | 7.5 |
| 2005-12-31 | CVE-2005-4085 | Remote Host Header Buffer Overflow vulnerability in Bluecoat Proxyav and Webproxy Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header. | 7.5 |
| 2005-12-31 | CVE-2005-3654 | Remote Denial Of Service vulnerability in Blue Coat Systems WinProxy Telnet Blue Coat Systems Inc. | 7.5 |
| 2005-05-24 | CVE-2005-1709 | HTML Injection vulnerability in Bluecoat Reporter 7.1.1 Unknown vulnerability in Blue Coat Reporter before 7.1.2 allows remote unauthenticated attackers to add a license. | 7.5 |
| 2004-11-23 | CVE-2004-0079 | NULL Pointer Dereference vulnerability in multiple products The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | 7.5 |