Vulnerabilities > Proofpoint > Messaging Security Gateway

DATE CVE VULNERABILITY TITLE RISK
2011-05-05 CVE-2011-1905 Cross-Site Request Forgery (CSRF) vulnerability in Proofpoint Messaging Security Gateway and Protection Server
Multiple cross-site request forgery (CSRF) vulnerabilities in unspecified administrative modules in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allow remote attackers to hijack the authentication of administrators via unknown vectors.
6.8
2011-05-05 CVE-2011-1904 OS Command Injection vulnerability in Proofpoint Messaging Security Gateway and Protection Server
An unspecified function in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary commands via unknown vectors, related to a "command injection" issue.
network
low complexity
proofpoint CWE-78
7.5
2011-05-05 CVE-2011-1903 SQL Injection vulnerability in Proofpoint Messaging Security Gateway and Protection Server
SQL injection vulnerability in an unspecified function in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
network
low complexity
proofpoint CWE-89
7.5
2011-05-05 CVE-2011-1902 Path Traversal vulnerability in Proofpoint Messaging Security Gateway and Protection Server
Directory traversal vulnerability in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to read arbitrary files via unspecified vectors.
network
low complexity
proofpoint CWE-22
5.0
2011-05-05 CVE-2011-1901 Improper Authentication vulnerability in Proofpoint Messaging Security Gateway and Protection Server
The mail-filter web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to bypass authentication via unspecified vectors.
network
low complexity
proofpoint CWE-287
7.5