Jesus Olmos Gonzalez

#8234of 53,633
33.4Total CVSS
Vulnerabilities · 4
Medium
1
High
3
PT-2008-4691
9.3
2008-07-24
Filesys · Filesys::Smbclientparser · CVE-2008-3285
Name of the Vulnerable Software and Affected Versions: Filesys::SmbClientParser versions 2.7 and earlier Description: The issue allows remote SMB servers to execute arbitrary code via a folder name containing shell metacharacters. Recommendations: For versions 2.7 and earlier, update to a version later than 2.7 to resolve the issue.
PT-2007-7363
10
2007-12-27
Tikiwiki · Tikiwiki · CVE-2007-6529
**Name of the Vulnerable Software and Affected Versions** TikiWiki versions prior to 1.9.9 **Description** The issue involves multiple unspecified vulnerabilities in TikiWiki. These vulnerabilities have unknown impact and attack vectors, specifically involving the following endpoints: "tiki-edit css.php", "tiki-list games.php", or "tiki-g-admin shared source.php". **Recommendations** For versions prior to 1.9.9, update to version 1.9.9 or later to resolve the issue.
PT-2006-6974
6.8
2006-12-07
Bluesocket · Bluesocket Secure Controller · CVE-2006-6363
**Name of the Vulnerable Software and Affected Versions** BlueSocket Secure Controller (BSC) versions prior to 5.2 BlueSocket Secure Controller (BSC) version 5.1 without 5.1.1-BluePatch **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the `ad name` parameter. This can be exploited by sending malicious input to the admin.pl script. **Recommendations** For BlueSocket Secure Controller (BSC) versions prior to 5.2, update to version 5.2 or later. For BlueSocket Secure Controller (BSC) version 5.1, apply the 5.1.1-BluePatch to resolve the issue. As a temporary workaround, consider restricting access to the admin.pl script to minimize the risk of exploitation. Avoid using the `ad name` parameter in the affected script until the issue is resolved.
PT-2006-3326
7.3
2006-05-15
Gnu · Gnu Binutils · CVE-2006-2362
**Name of the Vulnerable Software and Affected Versions** GNU Binutils versions prior to 20060423 **Description** The issue allows context-dependent attackers to cause a denial of service, potentially leading to application crashes, and possibly execute arbitrary code. This can be achieved via a file with a crafted Tektronix Hex Format (TekHex) record where the length character is not a valid hexadecimal character. **Recommendations** For GNU Binutils versions prior to 20060423, update to a version released after 20060423 to resolve the issue. As a temporary workaround, consider restricting the use of the `getsym` function in `tekhex.c` until a patch is available. Avoid using the vulnerable `libbfd` component with untrusted input files to minimize the risk of exploitation.