Search

Find a vulnerability

Search criteria

    4 vulnerabilities by interwoven

    CVE-2008-1617 (GCVE-0-2008-1617)

    Vulnerability from nvd – Published: 2008-04-08 18:00 – Updated: 2024-08-07 08:24
    VLAI
    Summary
    Double free vulnerability in Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to execute arbitrary code via JavaScript that sets the Server property to a string, then sets the string to null.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2008-04-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T08:24:42.880Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "28628",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/28628"
              },
              {
                "name": "ADV-2008-1134",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/1134/references"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf"
              },
              {
                "name": "29733",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29733"
              },
              {
                "name": "worksite-webtransferctrl-code-execution(41699)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41699"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-04-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Double free vulnerability in Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to execute arbitrary code via JavaScript that sets the Server property to a string, then sets the string to null."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "28628",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/28628"
            },
            {
              "name": "ADV-2008-1134",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/1134/references"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf"
            },
            {
              "name": "29733",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29733"
            },
            {
              "name": "worksite-webtransferctrl-code-execution(41699)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41699"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-1617",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Double free vulnerability in Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to execute arbitrary code via JavaScript that sets the Server property to a string, then sets the string to null."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "28628",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/28628"
                },
                {
                  "name": "ADV-2008-1134",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/1134/references"
                },
                {
                  "name": "http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf",
                  "refsource": "MISC",
                  "url": "http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf"
                },
                {
                  "name": "29733",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29733"
                },
                {
                  "name": "worksite-webtransferctrl-code-execution(41699)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41699"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-1617",
        "datePublished": "2008-04-08T18:00:00.000Z",
        "dateReserved": "2008-04-02T00:00:00.000Z",
        "dateUpdated": "2024-08-07T08:24:42.880Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-1700 (GCVE-0-2008-1700)

    Vulnerability from nvd – Published: 2008-04-08 18:00 – Updated: 2024-08-07 08:32
    VLAI
    Summary
    The Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to cause a denial of service (memory consumption) via a large number of SendNrlLink directives, which opens a separate window for each directive.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2008-04-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T08:32:01.263Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "worksiteweb-webtransferctrl-imanfile-dos(41757)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41757"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-04-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to cause a denial of service (memory consumption) via a large number of SendNrlLink directives, which opens a separate window for each directive."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "worksiteweb-webtransferctrl-imanfile-dos(41757)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41757"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-1700",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to cause a denial of service (memory consumption) via a large number of SendNrlLink directives, which opens a separate window for each directive."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "worksiteweb-webtransferctrl-imanfile-dos(41757)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41757"
                },
                {
                  "name": "http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf",
                  "refsource": "MISC",
                  "url": "http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-1700",
        "datePublished": "2008-04-08T18:00:00.000Z",
        "dateReserved": "2008-04-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T08:32:01.263Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-1617 (GCVE-0-2008-1617)

    Vulnerability from cvelistv5 – Published: 2008-04-08 18:00 – Updated: 2024-08-07 08:24
    VLAI
    Summary
    Double free vulnerability in Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to execute arbitrary code via JavaScript that sets the Server property to a string, then sets the string to null.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2008-04-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T08:24:42.880Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "28628",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/28628"
              },
              {
                "name": "ADV-2008-1134",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/1134/references"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf"
              },
              {
                "name": "29733",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29733"
              },
              {
                "name": "worksite-webtransferctrl-code-execution(41699)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41699"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-04-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Double free vulnerability in Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to execute arbitrary code via JavaScript that sets the Server property to a string, then sets the string to null."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "28628",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/28628"
            },
            {
              "name": "ADV-2008-1134",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/1134/references"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf"
            },
            {
              "name": "29733",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29733"
            },
            {
              "name": "worksite-webtransferctrl-code-execution(41699)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41699"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-1617",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Double free vulnerability in Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to execute arbitrary code via JavaScript that sets the Server property to a string, then sets the string to null."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "28628",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/28628"
                },
                {
                  "name": "ADV-2008-1134",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/1134/references"
                },
                {
                  "name": "http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf",
                  "refsource": "MISC",
                  "url": "http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf"
                },
                {
                  "name": "29733",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29733"
                },
                {
                  "name": "worksite-webtransferctrl-code-execution(41699)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41699"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-1617",
        "datePublished": "2008-04-08T18:00:00.000Z",
        "dateReserved": "2008-04-02T00:00:00.000Z",
        "dateUpdated": "2024-08-07T08:24:42.880Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-1700 (GCVE-0-2008-1700)

    Vulnerability from cvelistv5 – Published: 2008-04-08 18:00 – Updated: 2024-08-07 08:32
    VLAI
    Summary
    The Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to cause a denial of service (memory consumption) via a large number of SendNrlLink directives, which opens a separate window for each directive.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2008-04-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T08:32:01.263Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "worksiteweb-webtransferctrl-imanfile-dos(41757)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41757"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-04-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to cause a denial of service (memory consumption) via a large number of SendNrlLink directives, which opens a separate window for each directive."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "worksiteweb-webtransferctrl-imanfile-dos(41757)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41757"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-1700",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to cause a denial of service (memory consumption) via a large number of SendNrlLink directives, which opens a separate window for each directive."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "worksiteweb-webtransferctrl-imanfile-dos(41757)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41757"
                },
                {
                  "name": "http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf",
                  "refsource": "MISC",
                  "url": "http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-1700",
        "datePublished": "2008-04-08T18:00:00.000Z",
        "dateReserved": "2008-04-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T08:32:01.263Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }