Vulnerabilities > Geopp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-02-04 | CVE-2010-0554 | Improper Authentication vulnerability in Geopp Geo++ Gncaster 1.4.0.0 The HTTP Authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier uses the same nonce for all authentication, which allows remote attackers to hijack web sessions or bypass authentication via a replay attack. | 7.5 |
| 2010-02-04 | CVE-2010-0553 | Buffer Errors vulnerability in Geopp Geo++ Gncaster 1.4.0.0 Geo++ GNCASTER 1.4.0.7 and earlier allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a long NMEA data sentence. | 6.5 |
| 2010-02-04 | CVE-2010-0552 | Improper Input Validation vulnerability in Geopp Geo++ Gncaster 1.4.0.0 Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via multiple requests for a non-existent file using a long URI. | 7.5 |
| 2010-02-04 | CVE-2010-0551 | Information Exposure vulnerability in Geopp Geo++ Gncaster 1.4.0.0 HTTP authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to read authentication headers of other users via a large request with an incorrect authentication attempt, which includes sensitive memory in the response. | 5.0 |
| 2010-02-04 | CVE-2010-0550 | Improper Authentication vulnerability in Geopp Geo++ Gncaster 1.4.0.0 admin.htm in Geo++ GNCASTER 1.4.0.7 and earlier does not properly enforce HTTP Digest Authentication, which allows remote authenticated users to use HTTP Basic Authentication, bypassing intended server policy. | 4.0 |