Vulnerabilities > Progress > Progress > 9.1e
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-07-15 | CVE-2007-2417 | Buffer Overflow vulnerability in Progress and OpenEdge _mprosrv Heap-based buffer overflow in _mprosrv.exe in Progress Software Progress 9.1E and OpenEdge 10.1x, as used by the RSA Authentication Manager 6.0 and 6.1, SecurID Appliance 2.0, ACE/Server 5.2, and possibly other products, allows remote attackers to execute arbitrary code via crafted packets. | 10.0 |
2007-05-04 | CVE-2007-2506 | Denial Of Service vulnerability in Progress WebSpeed WebSpeed 3.x in OpenEdge 10.x in Progress Software Progress 9.1e, and certain other 9.x versions, allows remote attackers to cause a denial of service (infinite loop and daemon hang) via a messenger URL that invokes _edit.r with no additional parameters, as demonstrated by requests for cgiip.exe or wsisa.dll with WService=wsbroker1/_edit.r in the PATH_INFO. | 7.8 |