Vulnerabilities > Fujitsu
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-03-08 | CVE-2008-1207 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Fujitsu products Multiple unspecified vulnerabilities in Fujitsu Interstage Smart Repository, as used in multiple Fujitsu Interstage products, allow remote attackers to cause a denial of service (daemon crash) via (1) an invalid request or (2) a large amount of data sent to the registered attribute value. | 5.0 |
2008-02-27 | CVE-2008-1040 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Fujitsu products Buffer overflow in the Single Sign-On function in Fujitsu Interstage Application Server 8.0.0 through 8.0.3 and 9.0.0, Interstage Studio 8.0.1 and 9.0.0, and Interstage Apworks 8.0.0 allows remote attackers to execute arbitrary code via a long URI. | 10.0 |
2007-10-11 | CVE-2007-5366 | Path Traversal vulnerability in Fujitsu products The Tomcat 4.1-based Servlet Service in Fujitsu Interstage Application Server 7.0 through 9.0.0 and Interstage Apworks/Studio 7.0 through 9.0.0 allows remote attackers to obtain sensitive information (web root path) via unspecified vectors that trigger an error message, probably related to enabling the useCanonCaches Java Virtual Machine (JVM) option. | 5.0 |
2007-07-05 | CVE-2007-3012 | Information Disclosure vulnerability in Fujitsu PRIMERGY BX300 Blade Server The web interface in Fujitsu-Siemens Computers PRIMERGY BX300 Switch Blade allows remote attackers to obtain sensitive information by canceling the authentication dialog when accessing a sub-page, which still displays the form field contents of the sub-page, as demonstrated using (1) config/ip_management.htm and (2) config/snmp_config.htm. | 5.0 |
2007-07-05 | CVE-2007-3011 | Remote Command Execution vulnerability in Fujitsu ServerView DBASCIIAccess The DBAsciiAccess CGI Script in the web interface in Fujitsu-Siemens Computers ServerView before 4.50.09 allows remote attackers to execute arbitrary commands via shell metacharacters in the Servername subparameter of the ParameterList parameter. | 7.5 |
2007-03-19 | CVE-2007-1505 | Information Disclosure vulnerability in Fujitsu Fence and Systemwalker Desktop Encryption Fujitsu FENCE-Pro before V5L01, and Systemwalker Desktop Encryption V12.0L10, V12.0L10A, V12.0L10B, V12.0L20 and V13.0.0 allows local users to obtain sensitive information by extracting the decoding password from certain "self-decoding" file types. | 2.1 |
2007-03-19 | CVE-2007-1504 | Cross-Site Scripting vulnerability in iNTERSTAGE Application Server Standard Edition Cross-site scripting (XSS) vulnerability in the Servlet Service in Fujitsu Interstage Application Server (IJServer) 8.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving web.xml and HTTP 404 and 500 status codes. network fujitsu | 4.3 |
2006-07-13 | CVE-2006-3579 | Cross-Site Scripting vulnerability in Fujitsu Serverview Cross-site scripting (XSS) vulnerability in Fujitsu ServerView 2.50 up to 3.60L98 and 4.10L11 up to 4.11L81 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2006-07-13 | CVE-2006-3578 | Directory Traversal vulnerability in Fujitsu Serverview 2.50 Directory traversal vulnerability in Fujitsu ServerView 2.50 up to 3.60L98 and 4.10L11 up to 4.11L81 allows remote attackers to read arbitrary files via unspecified vectors. | 5.0 |
2006-05-22 | CVE-2006-2517 | SQL-Injection vulnerability in Myweb Portal Office SQL injection vulnerability in MyWeb Portal Office, Standard Edition, Public Edition, Medical Edition, Citizen Edition, School Edition, and Light Edition allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. | 7.5 |