Vulnerabilities > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-02-25 | CVE-2011-0382 | OS Command Injection vulnerability in Cisco products The CGI subsystem on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 allows remote attackers to execute arbitrary commands via a request to TCP port 443, related to a "command injection vulnerability," aka Bug ID CSCtf97221. | 10.0 |
2011-02-25 | CVE-2011-0381 | OS Command Injection vulnerability in Cisco Telepresence Manager Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to perform unspecified actions and consequently execute arbitrary code via a crafted request to the Java RMI interface, related to a "command injection vulnerability," aka Bug ID CSCtf97085. | 10.0 |
2011-02-25 | CVE-2011-0376 | Information Exposure vulnerability in Cisco products The TFTP implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x, 1.6.0, and 1.6.1 allows remote attackers to obtain sensitive information via a GET request, aka Bug ID CSCte43876. | 10.0 |
2011-02-25 | CVE-2011-0375 | OS Command Injection vulnerability in Cisco products The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCth24671. | 9.0 |
2011-02-25 | CVE-2011-0374 | OS Command Injection vulnerability in Cisco products The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31659. | 9.0 |
2011-02-25 | CVE-2011-0373 | OS Command Injection vulnerability in Cisco products The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31685. | 9.0 |
2011-02-25 | CVE-2011-0372 | OS Command Injection vulnerability in Cisco products The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31640. | 10.0 |
2011-02-23 | CVE-2011-1065 | Buffer Errors vulnerability in Pipi Player 2.8.0.0 Multiple stack-based buffer overflows in the PIPIWebPlayer ActiveX control (PIWebPlayer.ocx) in PIPI Player 2.8.0.0 allow remote attackers to execute arbitrary code via long arguments to the (1) PlayURL or (2) PlayURLWithLocalPlayer methods. | 9.3 |
2011-02-21 | CVE-2011-1054 | Buffer Overflow vulnerability in Hex-Rays IDA 5.7/6.0 Unspecified vulnerability in the PEF input file loader in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors. | 10.0 |
2011-02-21 | CVE-2011-1052 | Numeric Errors vulnerability in Hex-Rays IDA 5.7/6.0 Integer overflow in the PSX/GEOS input file loaders in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to memory allocation. | 10.0 |