Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for mpki by verisign

    CVE-2007-1083 (GCVE-0-2007-1083)

    Vulnerability from nvd – Published: 2007-02-23 00:00 – Updated: 2024-08-07 12:43
    VLAI
    Summary
    Buffer overflow in the Configuration Checker (ConfigChk) ActiveX control in VSCnfChk.dll 2.0.0.2 for Verisign Managed PKI Service, Secure Messaging for Microsoft Exchange, and Go Secure! allows remote attackers to execute arbitrary code via long arguments to the VerCompare method.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/33479 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/24249 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.kb.cert.org/vuls/id/308087 third-party-advisoryx_refsource_CERT-VN
    http://jvn.jp/cert/JVNVU%23308087/index.html x_refsource_MISC
    https://download.verisign.co.jp/support/announce/… x_refsource_CONFIRM
    http://attrition.org/pipermail/vim/2007-February/… mailing-listx_refsource_VIM
    http://www.securitytracker.com/id?1017693 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/22676 vdb-entryx_refsource_BID
    http://www.securityfocus.com/bid/22671 vdb-entryx_refsource_BID
    http://attrition.org/pipermail/vim/2007-February/… mailing-listx_refsource_VIM
    http://www.jpcert.or.jp/at/2007/at070006.txt x_refsource_MISC
    http://www.securitytracker.com/id?1017692 vdb-entryx_refsource_SECTRACK
    http://www.securitytracker.com/id?1017694 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2007/0702 vdb-entryx_refsource_VUPEN
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    Date Public
    2007-02-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T12:43:22.551Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "33479",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/33479"
              },
              {
                "name": "24249",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24249"
              },
              {
                "name": "verisign-configchk-bo(32639)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32639"
              },
              {
                "name": "VU#308087",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/308087"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/cert/JVNVU%23308087/index.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://download.verisign.co.jp/support/announce/20070216.html"
              },
              {
                "name": "20070223 Verisign ConfigChk ActiveX Overflow(s)",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://attrition.org/pipermail/vim/2007-February/001385.html"
              },
              {
                "name": "1017693",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1017693"
              },
              {
                "name": "22676",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/22676"
              },
              {
                "name": "22671",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/22671"
              },
              {
                "name": "20070222 Verisign ConfigChk ActiveX Overflow(s)",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://attrition.org/pipermail/vim/2007-February/001384.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.jpcert.or.jp/at/2007/at070006.txt"
              },
              {
                "name": "1017692",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1017692"
              },
              {
                "name": "1017694",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1017694"
              },
              {
                "name": "ADV-2007-0702",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0702"
              },
              {
                "name": "20070222 VeriSign ConfigChk ActiveX Control Buffer Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=479"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-02-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the Configuration Checker (ConfigChk) ActiveX control in VSCnfChk.dll 2.0.0.2 for Verisign Managed PKI Service, Secure Messaging for Microsoft Exchange, and Go Secure! allows remote attackers to execute arbitrary code via long arguments to the VerCompare method."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "33479",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/33479"
            },
            {
              "name": "24249",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24249"
            },
            {
              "name": "verisign-configchk-bo(32639)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32639"
            },
            {
              "name": "VU#308087",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/308087"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://jvn.jp/cert/JVNVU%23308087/index.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://download.verisign.co.jp/support/announce/20070216.html"
            },
            {
              "name": "20070223 Verisign ConfigChk ActiveX Overflow(s)",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://attrition.org/pipermail/vim/2007-February/001385.html"
            },
            {
              "name": "1017693",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1017693"
            },
            {
              "name": "22676",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/22676"
            },
            {
              "name": "22671",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/22671"
            },
            {
              "name": "20070222 Verisign ConfigChk ActiveX Overflow(s)",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://attrition.org/pipermail/vim/2007-February/001384.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.jpcert.or.jp/at/2007/at070006.txt"
            },
            {
              "name": "1017692",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1017692"
            },
            {
              "name": "1017694",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1017694"
            },
            {
              "name": "ADV-2007-0702",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0702"
            },
            {
              "name": "20070222 VeriSign ConfigChk ActiveX Control Buffer Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=479"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-1083",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the Configuration Checker (ConfigChk) ActiveX control in VSCnfChk.dll 2.0.0.2 for Verisign Managed PKI Service, Secure Messaging for Microsoft Exchange, and Go Secure! allows remote attackers to execute arbitrary code via long arguments to the VerCompare method."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "33479",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/33479"
                },
                {
                  "name": "24249",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/24249"
                },
                {
                  "name": "verisign-configchk-bo(32639)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32639"
                },
                {
                  "name": "VU#308087",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/308087"
                },
                {
                  "name": "http://jvn.jp/cert/JVNVU%23308087/index.html",
                  "refsource": "MISC",
                  "url": "http://jvn.jp/cert/JVNVU%23308087/index.html"
                },
                {
                  "name": "https://download.verisign.co.jp/support/announce/20070216.html",
                  "refsource": "CONFIRM",
                  "url": "https://download.verisign.co.jp/support/announce/20070216.html"
                },
                {
                  "name": "20070223 Verisign ConfigChk ActiveX Overflow(s)",
                  "refsource": "VIM",
                  "url": "http://attrition.org/pipermail/vim/2007-February/001385.html"
                },
                {
                  "name": "1017693",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1017693"
                },
                {
                  "name": "22676",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/22676"
                },
                {
                  "name": "22671",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/22671"
                },
                {
                  "name": "20070222 Verisign ConfigChk ActiveX Overflow(s)",
                  "refsource": "VIM",
                  "url": "http://attrition.org/pipermail/vim/2007-February/001384.html"
                },
                {
                  "name": "http://www.jpcert.or.jp/at/2007/at070006.txt",
                  "refsource": "MISC",
                  "url": "http://www.jpcert.or.jp/at/2007/at070006.txt"
                },
                {
                  "name": "1017692",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1017692"
                },
                {
                  "name": "1017694",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1017694"
                },
                {
                  "name": "ADV-2007-0702",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/0702"
                },
                {
                  "name": "20070222 VeriSign ConfigChk ActiveX Control Buffer Overflow Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=479"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-1083",
        "datePublished": "2007-02-23T00:00:00.000Z",
        "dateReserved": "2007-02-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T12:43:22.551Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1344 (GCVE-0-2006-1344)

    Vulnerability from nvd – Published: 2006-03-22 01:00 – Updated: 2024-08-07 17:12
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in VeriSign haydn.exe, as used in Managed PKI (MPKI) 6.0, allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the VHTML_FILE parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2006-03-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:12:20.555Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "17170",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17170"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.coresecurity.com/common/showdoc.php?idx=522\u0026idxseccion=10"
              },
              {
                "name": "ADV-2006-1084",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1084"
              },
              {
                "name": "verisign-haydn-xss(25349)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25349"
              },
              {
                "name": "614",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/614"
              },
              {
                "name": "20060320 CORE-2006-0124: Cross-Site Scripting in Verisign?s haydn.exe CGI script",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/428267/100/0/threaded"
              },
              {
                "name": "1015813",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015813"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in VeriSign haydn.exe, as used in Managed PKI (MPKI) 6.0, allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the VHTML_FILE parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "17170",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17170"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.coresecurity.com/common/showdoc.php?idx=522\u0026idxseccion=10"
            },
            {
              "name": "ADV-2006-1084",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1084"
            },
            {
              "name": "verisign-haydn-xss(25349)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25349"
            },
            {
              "name": "614",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/614"
            },
            {
              "name": "20060320 CORE-2006-0124: Cross-Site Scripting in Verisign?s haydn.exe CGI script",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/428267/100/0/threaded"
            },
            {
              "name": "1015813",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015813"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1344",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in VeriSign haydn.exe, as used in Managed PKI (MPKI) 6.0, allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the VHTML_FILE parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "17170",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17170"
                },
                {
                  "name": "http://www.coresecurity.com/common/showdoc.php?idx=522\u0026idxseccion=10",
                  "refsource": "MISC",
                  "url": "http://www.coresecurity.com/common/showdoc.php?idx=522\u0026idxseccion=10"
                },
                {
                  "name": "ADV-2006-1084",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1084"
                },
                {
                  "name": "verisign-haydn-xss(25349)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25349"
                },
                {
                  "name": "614",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/614"
                },
                {
                  "name": "20060320 CORE-2006-0124: Cross-Site Scripting in Verisign?s haydn.exe CGI script",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/428267/100/0/threaded"
                },
                {
                  "name": "1015813",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015813"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1344",
        "datePublished": "2006-03-22T01:00:00.000Z",
        "dateReserved": "2006-03-21T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:12:20.555Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-1083 (GCVE-0-2007-1083)

    Vulnerability from cvelistv5 – Published: 2007-02-23 00:00 – Updated: 2024-08-07 12:43
    VLAI
    Summary
    Buffer overflow in the Configuration Checker (ConfigChk) ActiveX control in VSCnfChk.dll 2.0.0.2 for Verisign Managed PKI Service, Secure Messaging for Microsoft Exchange, and Go Secure! allows remote attackers to execute arbitrary code via long arguments to the VerCompare method.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/33479 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/24249 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.kb.cert.org/vuls/id/308087 third-party-advisoryx_refsource_CERT-VN
    http://jvn.jp/cert/JVNVU%23308087/index.html x_refsource_MISC
    https://download.verisign.co.jp/support/announce/… x_refsource_CONFIRM
    http://attrition.org/pipermail/vim/2007-February/… mailing-listx_refsource_VIM
    http://www.securitytracker.com/id?1017693 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/22676 vdb-entryx_refsource_BID
    http://www.securityfocus.com/bid/22671 vdb-entryx_refsource_BID
    http://attrition.org/pipermail/vim/2007-February/… mailing-listx_refsource_VIM
    http://www.jpcert.or.jp/at/2007/at070006.txt x_refsource_MISC
    http://www.securitytracker.com/id?1017692 vdb-entryx_refsource_SECTRACK
    http://www.securitytracker.com/id?1017694 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2007/0702 vdb-entryx_refsource_VUPEN
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    Date Public
    2007-02-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T12:43:22.551Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "33479",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/33479"
              },
              {
                "name": "24249",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24249"
              },
              {
                "name": "verisign-configchk-bo(32639)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32639"
              },
              {
                "name": "VU#308087",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/308087"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/cert/JVNVU%23308087/index.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://download.verisign.co.jp/support/announce/20070216.html"
              },
              {
                "name": "20070223 Verisign ConfigChk ActiveX Overflow(s)",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://attrition.org/pipermail/vim/2007-February/001385.html"
              },
              {
                "name": "1017693",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1017693"
              },
              {
                "name": "22676",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/22676"
              },
              {
                "name": "22671",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/22671"
              },
              {
                "name": "20070222 Verisign ConfigChk ActiveX Overflow(s)",
                "tags": [
                  "mailing-list",
                  "x_refsource_VIM",
                  "x_transferred"
                ],
                "url": "http://attrition.org/pipermail/vim/2007-February/001384.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.jpcert.or.jp/at/2007/at070006.txt"
              },
              {
                "name": "1017692",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1017692"
              },
              {
                "name": "1017694",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1017694"
              },
              {
                "name": "ADV-2007-0702",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0702"
              },
              {
                "name": "20070222 VeriSign ConfigChk ActiveX Control Buffer Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=479"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-02-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the Configuration Checker (ConfigChk) ActiveX control in VSCnfChk.dll 2.0.0.2 for Verisign Managed PKI Service, Secure Messaging for Microsoft Exchange, and Go Secure! allows remote attackers to execute arbitrary code via long arguments to the VerCompare method."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "33479",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/33479"
            },
            {
              "name": "24249",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24249"
            },
            {
              "name": "verisign-configchk-bo(32639)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32639"
            },
            {
              "name": "VU#308087",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/308087"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://jvn.jp/cert/JVNVU%23308087/index.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://download.verisign.co.jp/support/announce/20070216.html"
            },
            {
              "name": "20070223 Verisign ConfigChk ActiveX Overflow(s)",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://attrition.org/pipermail/vim/2007-February/001385.html"
            },
            {
              "name": "1017693",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1017693"
            },
            {
              "name": "22676",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/22676"
            },
            {
              "name": "22671",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/22671"
            },
            {
              "name": "20070222 Verisign ConfigChk ActiveX Overflow(s)",
              "tags": [
                "mailing-list",
                "x_refsource_VIM"
              ],
              "url": "http://attrition.org/pipermail/vim/2007-February/001384.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.jpcert.or.jp/at/2007/at070006.txt"
            },
            {
              "name": "1017692",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1017692"
            },
            {
              "name": "1017694",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1017694"
            },
            {
              "name": "ADV-2007-0702",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0702"
            },
            {
              "name": "20070222 VeriSign ConfigChk ActiveX Control Buffer Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=479"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-1083",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the Configuration Checker (ConfigChk) ActiveX control in VSCnfChk.dll 2.0.0.2 for Verisign Managed PKI Service, Secure Messaging for Microsoft Exchange, and Go Secure! allows remote attackers to execute arbitrary code via long arguments to the VerCompare method."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "33479",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/33479"
                },
                {
                  "name": "24249",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/24249"
                },
                {
                  "name": "verisign-configchk-bo(32639)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32639"
                },
                {
                  "name": "VU#308087",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/308087"
                },
                {
                  "name": "http://jvn.jp/cert/JVNVU%23308087/index.html",
                  "refsource": "MISC",
                  "url": "http://jvn.jp/cert/JVNVU%23308087/index.html"
                },
                {
                  "name": "https://download.verisign.co.jp/support/announce/20070216.html",
                  "refsource": "CONFIRM",
                  "url": "https://download.verisign.co.jp/support/announce/20070216.html"
                },
                {
                  "name": "20070223 Verisign ConfigChk ActiveX Overflow(s)",
                  "refsource": "VIM",
                  "url": "http://attrition.org/pipermail/vim/2007-February/001385.html"
                },
                {
                  "name": "1017693",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1017693"
                },
                {
                  "name": "22676",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/22676"
                },
                {
                  "name": "22671",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/22671"
                },
                {
                  "name": "20070222 Verisign ConfigChk ActiveX Overflow(s)",
                  "refsource": "VIM",
                  "url": "http://attrition.org/pipermail/vim/2007-February/001384.html"
                },
                {
                  "name": "http://www.jpcert.or.jp/at/2007/at070006.txt",
                  "refsource": "MISC",
                  "url": "http://www.jpcert.or.jp/at/2007/at070006.txt"
                },
                {
                  "name": "1017692",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1017692"
                },
                {
                  "name": "1017694",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1017694"
                },
                {
                  "name": "ADV-2007-0702",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/0702"
                },
                {
                  "name": "20070222 VeriSign ConfigChk ActiveX Control Buffer Overflow Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=479"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-1083",
        "datePublished": "2007-02-23T00:00:00.000Z",
        "dateReserved": "2007-02-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T12:43:22.551Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1344 (GCVE-0-2006-1344)

    Vulnerability from cvelistv5 – Published: 2006-03-22 01:00 – Updated: 2024-08-07 17:12
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in VeriSign haydn.exe, as used in Managed PKI (MPKI) 6.0, allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the VHTML_FILE parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2006-03-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:12:20.555Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "17170",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17170"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.coresecurity.com/common/showdoc.php?idx=522\u0026idxseccion=10"
              },
              {
                "name": "ADV-2006-1084",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1084"
              },
              {
                "name": "verisign-haydn-xss(25349)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25349"
              },
              {
                "name": "614",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/614"
              },
              {
                "name": "20060320 CORE-2006-0124: Cross-Site Scripting in Verisign?s haydn.exe CGI script",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/428267/100/0/threaded"
              },
              {
                "name": "1015813",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015813"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in VeriSign haydn.exe, as used in Managed PKI (MPKI) 6.0, allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the VHTML_FILE parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "17170",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17170"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.coresecurity.com/common/showdoc.php?idx=522\u0026idxseccion=10"
            },
            {
              "name": "ADV-2006-1084",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1084"
            },
            {
              "name": "verisign-haydn-xss(25349)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25349"
            },
            {
              "name": "614",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/614"
            },
            {
              "name": "20060320 CORE-2006-0124: Cross-Site Scripting in Verisign?s haydn.exe CGI script",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/428267/100/0/threaded"
            },
            {
              "name": "1015813",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015813"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1344",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in VeriSign haydn.exe, as used in Managed PKI (MPKI) 6.0, allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the VHTML_FILE parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "17170",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17170"
                },
                {
                  "name": "http://www.coresecurity.com/common/showdoc.php?idx=522\u0026idxseccion=10",
                  "refsource": "MISC",
                  "url": "http://www.coresecurity.com/common/showdoc.php?idx=522\u0026idxseccion=10"
                },
                {
                  "name": "ADV-2006-1084",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1084"
                },
                {
                  "name": "verisign-haydn-xss(25349)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25349"
                },
                {
                  "name": "614",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/614"
                },
                {
                  "name": "20060320 CORE-2006-0124: Cross-Site Scripting in Verisign?s haydn.exe CGI script",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/428267/100/0/threaded"
                },
                {
                  "name": "1015813",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015813"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1344",
        "datePublished": "2006-03-22T01:00:00.000Z",
        "dateReserved": "2006-03-21T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:12:20.555Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }