Vulnerability-Lookup

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

Full-Text Search

Vendor

Product

Assigner

Sources

Sort by

Order

Apply ordering (override relevance)

CVE-2006-4727 (GCVE-0-2006-4727)

Vulnerability from cvelistv5 – Published: 2008-05-09 17:00 – Updated: 2024-08-07 19:23

Summary

Cross-site scripting (XSS) vulnerability in emfadmin/statusView.do in Tumbleweed EMF Administration Module 6.2.2 Build 4123, and possibly other versions before 6.3.2, allows remote attackers to inject arbitrary web script or HTML via the (1) lineId and (2) sort parameters.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

3 references

URL	Tags
http://osvdb.org/ref/28/28722-tumbleweed-emf.txt	x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
http://www.osvdb.org/28722	vdb-entryx_refsource_OSVDB

Date Public

2008-05-09 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T19:23:41.026Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://osvdb.org/ref/28/28722-tumbleweed-emf.txt"
          },
          {
            "name": "tumbleweed-emf-statusview-xss(42392)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42392"
          },
          {
            "name": "28722",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/28722"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-05-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in emfadmin/statusView.do in Tumbleweed EMF Administration Module 6.2.2 Build 4123, and possibly other versions before 6.3.2, allows remote attackers to inject arbitrary web script or HTML via the (1) lineId and (2) sort parameters."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://osvdb.org/ref/28/28722-tumbleweed-emf.txt"
        },
        {
          "name": "tumbleweed-emf-statusview-xss(42392)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42392"
        },
        {
          "name": "28722",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/28722"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-4727",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in emfadmin/statusView.do in Tumbleweed EMF Administration Module 6.2.2 Build 4123, and possibly other versions before 6.3.2, allows remote attackers to inject arbitrary web script or HTML via the (1) lineId and (2) sort parameters."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://osvdb.org/ref/28/28722-tumbleweed-emf.txt",
              "refsource": "MISC",
              "url": "http://osvdb.org/ref/28/28722-tumbleweed-emf.txt"
            },
            {
              "name": "tumbleweed-emf-statusview-xss(42392)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42392"
            },
            {
              "name": "28722",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/28722"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-4727",
    "datePublished": "2008-05-09T17:00:00.000Z",
    "dateReserved": "2006-09-12T00:00:00.000Z",
    "dateUpdated": "2024-08-07T19:23:41.026Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-1724 (GCVE-0-2008-1724)

Vulnerability from cvelistv5 – Published: 2008-04-11 19:00 – Updated: 2024-08-07 08:32

Summary

Stack-based buffer overflow in the IActiveXTransfer.FileTransfer method in the SecureTransport FileTransfer ActiveX control in vcst_en.dll 1.0.0.5 in Tumbleweed SecureTransport Server before 4.6.1 Hotfix 20 allows remote attackers to execute arbitrary code via a long remoteFile parameter.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

8 references

URL	Tags
http://www.securityfocus.com/archive/1/490536/100…	mailing-listx_refsource_BUGTRAQ
http://secunia.com/advisories/29717	third-party-advisoryx_refsource_SECUNIA
http://securityreason.com/securityalert/3806	third-party-advisoryx_refsource_SREASON
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
http://www.vupen.com/english/advisories/2008/1165…	vdb-entryx_refsource_VUPEN
https://www.exploit-db.com/exploits/5398	exploitx_refsource_EXPLOIT-DB
http://www.aushack.com/200708-tumbleweed.txt	x_refsource_MISC
http://www.securityfocus.com/bid/28662	vdb-entryx_refsource_BID

Date Public

2008-04-07 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:32:01.282Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20080407 Tumbleweed SecureTransport FileTransfer ActiveX Control Buffer Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/490536/100/0/threaded"
          },
          {
            "name": "29717",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29717"
          },
          {
            "name": "3806",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/3806"
          },
          {
            "name": "securetransport-filetransfer-activex-bo(41692)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41692"
          },
          {
            "name": "ADV-2008-1165",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1165/references"
          },
          {
            "name": "5398",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/5398"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.aushack.com/200708-tumbleweed.txt"
          },
          {
            "name": "28662",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28662"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-04-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the IActiveXTransfer.FileTransfer method in the SecureTransport FileTransfer ActiveX control in vcst_en.dll 1.0.0.5 in Tumbleweed SecureTransport Server before 4.6.1 Hotfix 20 allows remote attackers to execute arbitrary code via a long remoteFile parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20080407 Tumbleweed SecureTransport FileTransfer ActiveX Control Buffer Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/490536/100/0/threaded"
        },
        {
          "name": "29717",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29717"
        },
        {
          "name": "3806",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/3806"
        },
        {
          "name": "securetransport-filetransfer-activex-bo(41692)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41692"
        },
        {
          "name": "ADV-2008-1165",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1165/references"
        },
        {
          "name": "5398",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/5398"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.aushack.com/200708-tumbleweed.txt"
        },
        {
          "name": "28662",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28662"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-1724",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the IActiveXTransfer.FileTransfer method in the SecureTransport FileTransfer ActiveX control in vcst_en.dll 1.0.0.5 in Tumbleweed SecureTransport Server before 4.6.1 Hotfix 20 allows remote attackers to execute arbitrary code via a long remoteFile parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20080407 Tumbleweed SecureTransport FileTransfer ActiveX Control Buffer Overflow",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/490536/100/0/threaded"
            },
            {
              "name": "29717",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29717"
            },
            {
              "name": "3806",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/3806"
            },
            {
              "name": "securetransport-filetransfer-activex-bo(41692)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41692"
            },
            {
              "name": "ADV-2008-1165",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1165/references"
            },
            {
              "name": "5398",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/5398"
            },
            {
              "name": "http://www.aushack.com/200708-tumbleweed.txt",
              "refsource": "MISC",
              "url": "http://www.aushack.com/200708-tumbleweed.txt"
            },
            {
              "name": "28662",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28662"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-1724",
    "datePublished": "2008-04-11T19:00:00.000Z",
    "dateReserved": "2008-04-11T00:00:00.000Z",
    "dateUpdated": "2024-08-07T08:32:01.282Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-3901 (GCVE-0-2006-3901)

Vulnerability from cvelistv5 – Published: 2006-07-27 10:00 – Updated: 2024-08-07 18:48

Summary

Multiple stack-based buffer overflows in Tumbleweed Email Firewall (EMF) allow remote attackers to execute arbitrary code via an email attachment with an LHA archive that contains a (1) file or (2) directory with a long LHA extended header, (3) an LHA archive in which the "temporary pathname" field for decompressed output is greater than 2 bytes, or (4) an LHA archive with a long filename.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

7 references

URL	Tags
http://www.securityfocus.com/archive/1/441497/100…	mailing-listx_refsource_BUGTRAQ
http://secunia.com/advisories/21194	third-party-advisoryx_refsource_SECUNIA
http://www.hustlelabs.com/advisories/04072006_tweed.pdf	x_refsource_MISC
http://www.osvdb.org/27495	vdb-entryx_refsource_OSVDB
http://marc.info/?l=full-disclosure&m=11537843791…	mailing-listx_refsource_FULLDISC
http://www.securityfocus.com/bid/19146	vdb-entryx_refsource_BID
http://www.vupen.com/english/advisories/2006/2970	vdb-entryx_refsource_VUPEN

Date Public

2006-07-24 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:48:39.421Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20060725 Hustle -- Tumbleweed Email Firewall Remote Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/441497/100/0/threaded"
          },
          {
            "name": "21194",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21194"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.hustlelabs.com/advisories/04072006_tweed.pdf"
          },
          {
            "name": "27495",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/27495"
          },
          {
            "name": "20060724 Hustle -- Tumbleweed Email Firewall Remote",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=full-disclosure\u0026m=115378437918939\u0026w=2"
          },
          {
            "name": "19146",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/19146"
          },
          {
            "name": "ADV-2006-2970",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2970"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-07-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple stack-based buffer overflows in Tumbleweed Email Firewall (EMF) allow remote attackers to execute arbitrary code via an email attachment with an LHA archive that contains a (1) file or (2) directory with a long LHA extended header, (3) an LHA archive in which the \"temporary pathname\" field for decompressed output is greater than 2 bytes, or (4) an LHA archive with a long filename."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20060725 Hustle -- Tumbleweed Email Firewall Remote Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/441497/100/0/threaded"
        },
        {
          "name": "21194",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21194"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.hustlelabs.com/advisories/04072006_tweed.pdf"
        },
        {
          "name": "27495",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/27495"
        },
        {
          "name": "20060724 Hustle -- Tumbleweed Email Firewall Remote",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://marc.info/?l=full-disclosure\u0026m=115378437918939\u0026w=2"
        },
        {
          "name": "19146",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/19146"
        },
        {
          "name": "ADV-2006-2970",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2970"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3901",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple stack-based buffer overflows in Tumbleweed Email Firewall (EMF) allow remote attackers to execute arbitrary code via an email attachment with an LHA archive that contains a (1) file or (2) directory with a long LHA extended header, (3) an LHA archive in which the \"temporary pathname\" field for decompressed output is greater than 2 bytes, or (4) an LHA archive with a long filename."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20060725 Hustle -- Tumbleweed Email Firewall Remote Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/441497/100/0/threaded"
            },
            {
              "name": "21194",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21194"
            },
            {
              "name": "http://www.hustlelabs.com/advisories/04072006_tweed.pdf",
              "refsource": "MISC",
              "url": "http://www.hustlelabs.com/advisories/04072006_tweed.pdf"
            },
            {
              "name": "27495",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/27495"
            },
            {
              "name": "20060724 Hustle -- Tumbleweed Email Firewall Remote",
              "refsource": "FULLDISC",
              "url": "http://marc.info/?l=full-disclosure\u0026m=115378437918939\u0026w=2"
            },
            {
              "name": "19146",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/19146"
            },
            {
              "name": "ADV-2006-2970",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2970"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3901",
    "datePublished": "2006-07-27T10:00:00.000Z",
    "dateReserved": "2006-07-26T00:00:00.000Z",
    "dateUpdated": "2024-08-07T18:48:39.421Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-0487 (GCVE-0-2006-0487)

Vulnerability from cvelistv5 – Published: 2006-02-01 02:00 – Updated: 2024-08-07 16:34

Summary

Multiple unspecified vulnerabilities in Tumbleweed MailGate Email Firewall (EMF) 6.x allow remote attackers to (1) trigger temporarily incorrect processing of an e-mail message under "extremely heavy loads" and (2) cause an "increased number of missed spam" during "spam outbreaks."

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

1 reference

URL	Tags
http://www.securityfocus.com/archive/1/422591/100…	mailing-listx_refsource_BUGTRAQ

Date Public

2006-01-21 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:34:14.844Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20060121 Tumbleweed EMF 6.x Processing Issues",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/422591/100/0/threaded"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-21T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple unspecified vulnerabilities in Tumbleweed MailGate Email Firewall (EMF) 6.x allow remote attackers to (1) trigger temporarily incorrect processing of an e-mail message under \"extremely heavy loads\" and (2) cause an \"increased number of missed spam\" during \"spam outbreaks.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20060121 Tumbleweed EMF 6.x Processing Issues",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/422591/100/0/threaded"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-0487",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple unspecified vulnerabilities in Tumbleweed MailGate Email Firewall (EMF) 6.x allow remote attackers to (1) trigger temporarily incorrect processing of an e-mail message under \"extremely heavy loads\" and (2) cause an \"increased number of missed spam\" during \"spam outbreaks.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20060121 Tumbleweed EMF 6.x Processing Issues",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/422591/100/0/threaded"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-0487",
    "datePublished": "2006-02-01T02:00:00.000Z",
    "dateReserved": "2006-01-31T00:00:00.000Z",
    "dateUpdated": "2024-08-07T16:34:14.844Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2000-0772 (GCVE-0-2000-0772)

Vulnerability from cvelistv5 – Published: 2000-09-21 04:00 – Updated: 2024-08-08 05:28

Summary

The installation of Tumbleweed Messaging Management System (MMS) 4.6 and earlier (formerly Worldtalk Worldsecure) creates a default account "sa" with no password.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

4 references

URL	Tags
http://thompson.tumbleweed.com/NewKB/bulletin/UPF…	x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/1562	vdb-entryx_refsource_BID
http://archives.neohapsis.com/archives/bugtraq/20…	mailing-listx_refsource_BUGTRAQ

Date Public

2000-08-10 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T05:28:41.531Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://thompson.tumbleweed.com/NewKB/bulletin/UPFiles/sa-official.htm"
          },
          {
            "name": "tumbleweed-mms-blank-password(5072)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5072"
          },
          {
            "name": "1562",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/1562"
          },
          {
            "name": "20000810 Tumbleweed Worldsecure (MMS) BLANK \u0027sa\u0027 account password vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0098.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2000-08-10T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The installation of Tumbleweed Messaging Management System (MMS) 4.6 and earlier (formerly Worldtalk Worldsecure) creates a default account \"sa\" with no password."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-18T21:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://thompson.tumbleweed.com/NewKB/bulletin/UPFiles/sa-official.htm"
        },
        {
          "name": "tumbleweed-mms-blank-password(5072)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5072"
        },
        {
          "name": "1562",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/1562"
        },
        {
          "name": "20000810 Tumbleweed Worldsecure (MMS) BLANK \u0027sa\u0027 account password vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0098.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2000-0772",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The installation of Tumbleweed Messaging Management System (MMS) 4.6 and earlier (formerly Worldtalk Worldsecure) creates a default account \"sa\" with no password."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://thompson.tumbleweed.com/NewKB/bulletin/UPFiles/sa-official.htm",
              "refsource": "CONFIRM",
              "url": "http://thompson.tumbleweed.com/NewKB/bulletin/UPFiles/sa-official.htm"
            },
            {
              "name": "tumbleweed-mms-blank-password(5072)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5072"
            },
            {
              "name": "1562",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/1562"
            },
            {
              "name": "20000810 Tumbleweed Worldsecure (MMS) BLANK \u0027sa\u0027 account password vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0098.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2000-0772",
    "datePublished": "2000-09-21T04:00:00.000Z",
    "dateReserved": "2000-09-19T00:00:00.000Z",
    "dateUpdated": "2024-08-08T05:28:41.531Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Find a vulnerability

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

5 vulnerabilities by tumbleweed

CVE-2006-4727 (GCVE-0-2006-4727)

CVE-2008-1724 (GCVE-0-2008-1724)

CVE-2006-3901 (GCVE-0-2006-3901)

CVE-2006-0487 (GCVE-0-2006-0487)

CVE-2000-0772 (GCVE-0-2000-0772)

Find a vulnerability

Search criteria ⓘ Use this form to refine search results. Full-text search supports keyword queries with ranking and filtering. You can combine vendor, product, and sources to narrow results. Enable “Apply ordering” to sort by date instead of relevance.

5 vulnerabilities by tumbleweed

CVE-2006-4727 (GCVE-0-2006-4727)

CVE-2008-1724 (GCVE-0-2008-1724)

CVE-2006-3901 (GCVE-0-2006-3901)

CVE-2006-0487 (GCVE-0-2006-0487)

CVE-2000-0772 (GCVE-0-2000-0772)

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.