Vulnerabilities > HP > HP UX
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-03-20 | CVE-2008-0707 | Permissions, Privileges, and Access Controls vulnerability in HP Storageworks Library and Tape Tools HP StorageWorks Library and Tape Tools (LTT) before 4.5 SR1 on HP-UX B.11.11 and B.11.23 allows local users to gain privileges via unspecified vectors. | 7.2 |
2008-02-06 | CVE-2008-0212 | Resource Management Errors vulnerability in HP Openview Network Node Manager 6.41/7.01/7.51 ovtopmd in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to cause a denial of service (crash) via a crafted TCP request that triggers an out-of-bounds memory access. | 7.8 |
2008-01-23 | CVE-2007-6425 | Buffer Errors vulnerability in HP Hp-Ux 11.31 Unspecified vulnerability in HP-UX B.11.31, when running ARPA Transport, allows remote attackers to cause a denial of service via unknown vectors. | 10.0 |
2007-12-24 | CVE-2007-6419 | Remote Denial Of Service vulnerability in HP Hp-Ux 11.11/11.23/11.31 Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. | 7.8 |
2007-12-15 | CVE-2007-6195 | Buffer Errors vulnerability in HP Hp-Ux 11.11/11.23 Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B.11.11 and B.11.23 allows remote attackers to execute arbitrary code or cause a denial of service via malformed arguments in an opcode 0x04 DCE RPC request. | 10.0 |
2007-12-04 | CVE-2007-6232 | Cross-Site Scripting vulnerability in FTP Admin 0.1.0 Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action. | 4.3 |
2007-11-14 | CVE-2007-5946 | Local Unauthorized Access vulnerability in HP-UX Aries PA-RISC Emulator Unspecified vulnerability in the Aries PA-RISC emulator on HP-UX B.11.23 and B.11.31 on the IA-64 platform allows local users to obtain unspecified access. | 7.2 |
2007-10-09 | CVE-2007-5302 | Cross-Site Scripting vulnerability in HP Hp-Ux 11.11/11.23/11.31 Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2007-09-20 | CVE-2007-5008 | Improper Authentication vulnerability in HP Hp-Ux 11.11/11.23/11.31 The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status, which allows remote attackers to obtain privileges when certain "password issues" are not detected. | 9.0 |
2007-09-18 | CVE-2007-4938 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value. | 7.6 |