Vulnerabilities > EMC

| Date | CVE | Vulnerability title | Description | Risk |
|---|---|---|---|---|
| 2007-08-21 | CVE-2007-3618 | Remote Exec Service Stack Buffer Overflow vulnerability in EMC Legato Networker | Stack-based buffer overflow in the NetWorker Remote Exec Service (nsrexecd.exe) in EMC Software NetWorker 7.x.x allows remote attackers to execute arbitrary code via a (1) poll or (2) kill request with a "long invalid subcmd." | network, emc, critical, 9.3 |
| 2007-08-03 | CVE-2007-4155 | Remote Code Execution vulnerability in EMC VMWare 6.0.0 | Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first two arguments to the (1) CreateProcess or (2) CreateProcessEx method. | network, emc, critical, 9.3 |
| 2007-07-30 | CVE-2007-4058 | Path Traversal vulnerability in EMC VMWare 6.0.0 | Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll 2.2.5.42958 in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first argument to the StartProcess method. | network, emc, CWE-22, 4.3 |
| 2007-04-30 | CVE-2006-7201 | Remote Security vulnerability in Rsa Security Sitekey | EMC RSA Security SiteKey does not set the secure qualifier on the SiteKey Flash token (aka the PassMark Flash shared object), which might allow remote attackers to obtain the token via HTTP. | network, emc, critical, 9.3 |
| 2007-04-30 | CVE-2006-7200 | Security Bypass vulnerability in Rsa Security Sitekey | EMC RSA Security SiteKey issues challenge-bypass tokens that persist forever without a cancellation interface for end users, which makes it easier for attackers to bypass one stage of authentication by stealing and replaying a token. | network, low complexity, emc, critical, 9.0 |
| 2007-04-30 | CVE-2006-7199 | Remote Security vulnerability in Rsa Security Sitekey | EMC RSA Security SiteKey allows remote attackers to display the correct image via a man-in-the-middle (MITM) attack in which an attacker-controlled server proxies authentication data to and from a legitimate SiteKey server. | network, emc, 8.5 |
| 2007-03-02 | CVE-2006-3892 | Remote Authentication Bypass vulnerability in EMC Networker 7.3.2 | The Management Console server in EMC NetWorker (formerly Legato NetWorker) 7.3.2 before Jumbo Update 1 uses weak authentication, which allows remote attackers to execute arbitrary commands. | network, low complexity, emc, critical, 10.0 |
| 2006-05-16 | CVE-2006-2391 | Remote Buffer Overflow vulnerability in EMC Dantz Retrospect Backup Client | Buffer overflow in EMC Retrospect Client 5.1 through 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to port 497. | network, low complexity, emc, 7.5 |
| 2006-05-03 | CVE-2006-2155 | Local Security vulnerability in Retrospect for Windows | EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 allows local users to execute arbitrary code by replacing the Retrospect.exe file, possibly due to improper file permissions. | local, low complexity, emc, 4.6 |
| 2006-05-03 | CVE-2006-2154 | Local Privilege Escalation vulnerability in EMC Dantz Retrospect Backup Server | EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 does not drop privileges before opening files, which allows local users to execute arbitrary code via the File>Open dialog. | local, low complexity, emc, 7.2 |