
    9 vulnerabilities by ebay

    VAR-201011-0089

    Vulnerability from variot - Updated: 2023-12-18 13:20

    The PayPal app before 3.0.1 for iOS does not verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof a PayPal web server via an arbitrary certificate. eBay PayPal is prone to a security-bypass vulnerability because it fails to properly verify X.509 certificates. Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers which will aid in further attacks. NOTE: This issue affects connections on unsecured Wi-Fi networks. Versions prior to PayPal 3.0.1 for iOS-based mobile devices are vulnerable.



    TITLE: McAfee Products Archive Handling Security Bypass

    SECUNIA ADVISORY ID: SA34949

    VERIFY ADVISORY: http://secunia.com/advisories/34949/

    DESCRIPTION: Some weaknesses have been reported in various McAfee products, which can be exploited by malware to bypass the scanning functionality.

    The weaknesses are caused due to errors in the handling of archive file formats (e.g.

    SOLUTION: Update .DAT files to DAT 5600 or later. http://www.mcafee.com/apps/downloads/security_updates/dat.asp

    PROVIDED AND/OR DISCOVERED BY: * Thierry Zoller * The vendor also credits Mickael Roger.

    ORIGINAL ADVISORY: McAfee: https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT

    Thierry Zoller: http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html





    From the low-hanging-fruit-department - Mcafee multiple generic evasions


    Release mode: Coordinated but limited disclosure.
    Ref    : TZO-182009 - Mcafee multiple generic evasions
    WWW    : http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html
    Vendor : http://www.mcafee.com
    Status : Patched
    CVE    : CVE-2009-1348 (provided by mcafee)
             https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT

    Security notification reaction rating : very good
    Notification to patch window : +-27 days (Eastern holidays in between)

    Disclosure Policy : http://blog.zoller.lu/2008/09/notification-and-disclosure-policy.html

    Affected products :
    - McAfee VirusScan® Plus 2009
    - McAfee Total Protection™ 2009
    - McAfee Internet Security
    - McAfee VirusScan USB
    - McAfee VirusScan Enterprise
    - McAfee VirusScan Enterprise Linux
    - McAfee VirusScan Enterprise for SAP
    - McAfee VirusScan Enterprise for Storage
    - McAfee VirusScan Commandline
    - Mcafee SecurityShield for Microsoft ISA Server
    - Mcafee Security for Microsoft Sharepoint
    - Mcafee Security for Email Servers
    - McAfee Email Gateway
    - McAfee Total Protection for Endpoint
    - McAfee Active Virus Defense
    - McAfee Active VirusScan

    It is unknown whether SaaS were affected (though likely) :
    - McAfee Email Security Service
    - McAfee Total Protection Service Advanced

    I. Background
    ~~~~~~~~~~~~~
    Quote: "McAfee proactively secures systems and networks from known and as yet undiscovered threats worldwide. Home users, businesses, service providers, government agencies, and our partners all trust our unmatched security expertise and have confidence in our comprehensive and proven solutions to effectively block attacks and prevent disruptions."

    II. Description
    ~~~~~~~~~~~~~~~
    The parsing engine can be bypassed by a specially crafted and formatted RAR (Headflags and Packsize), ZIP (Filelength) archive.

    III. Impact
    ~~~~~~~~~~~
    A general description of the impact and nature of AV Bypasses/evasions can be read at : http://blog.zoller.lu/2009/04/case-for-av-bypassesevasions.html

    The bug results in denying the engine the possibility to inspect code within RAR and ZIP archives. There is no inspection of the content at all and hence the impossibility to detect malicious code.

    IV. Disclosure timeline
    ~~~~~~~~~~~~~~~~~~~~~~~~~
    DD/MM/YYYY

    04/04/2009 : Send proof of concept RAR I, description the terms under which I cooperate and the planned disclosure date

    06/04/2009 : Send proof of concept RAR II, description the terms under which I cooperate and the planned disclosure date

    06/04/2009 : Mcafee acknowledges receipt and reproduction of RAR I, ack acknowledges receipt of RARII

    10/04/2009 : Send proof of concept ZIP I, description the terms under which I cooperate and the planned disclosure date

    21/04/2009 : Mcafee provides CVE number CVE-2009-1348

    28/04/2009 : Mcafee informs me that the patch might be released on the 29th

    29/04/2009 : Mcafee confirms patch release and provides URL https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT

    29/04/2009 : Ask for affected versions

    29/04/2009 : Mcafee replies " This issue does affect all vs engine products, including both gateway and endpoint"



    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201011-0089",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "paypal",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "ebay",
            "version": "3.0"
          },
          {
            "model": "paypal",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "ebay",
            "version": "ios edition  3.0.1"
          },
          {
            "model": "paypal",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "ebay",
            "version": "3.0"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-003380"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-4211"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201011-094"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:a:ebay:paypal:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "3.0",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:iphone_os:3.1:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:iphone_os:3.1.2:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:apple:iphone_os:3.1.3:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-4211"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "unknown",
        "sources": [
          {
            "db": "BID",
            "id": "44657"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2010-4211",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.9,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "LOW",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Adjacent Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.9,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2010-4211",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 2.9,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 5.5,
                "id": "VHN-46816",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.1,
                "vectorString": "AV:A/AC:M/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2010-4211",
                "trust": 1.8,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201011-094",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "VULHUB",
                "id": "VHN-46816",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-46816"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-003380"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-4211"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201011-094"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The PayPal app before 3.0.1 for iOS does not verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof a PayPal web server via an arbitrary certificate. eBay PayPal is prone to a security-bypass vulnerability because it fails to properly verify x.509 certificates. \nSuccessfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers which will aid in further attacks. \nNOTE: This issue affects connections on unsecured Wi-Fi networks. \nVersions prior to PayPal 3.0.1 for iOS-based mobile devices are vulnerable. ----------------------------------------------------------------------\n\nSecunia is pleased to announce the release of the annual Secunia\nreport for 2008. \n\nHighlights from the 2008 report:\n * Vulnerability Research\n * Software Inspection Results\n * Secunia Research Highlights\n * Secunia Advisory Statistics\n\nRequest the full 2008 Report here:\nhttp://secunia.com/advisories/try_vi/request_2008_report/\n\nStay Secure,\n\nSecunia\n\n\n----------------------------------------------------------------------\n\nTITLE:\nMcAfee Products Archive Handling Security Bypass\n\nSECUNIA ADVISORY ID:\nSA34949\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/34949/\n\nDESCRIPTION:\nSome weaknesses have been reported in various McAfee products, which\ncan be exploited by malware to bypass the scanning functionality. \n\nThe weaknesses are caused due to errors in the handling of archive\nfile formats (e.g. \n\nSOLUTION:\nUpdate .DAT files to DAT 5600 or later. \nhttp://www.mcafee.com/apps/downloads/security_updates/dat.asp\n\nPROVIDED AND/OR DISCOVERED BY:\n* Thierry Zoller\n* The vendor also credits Mickael Roger. 
\n\nORIGINAL ADVISORY:\nMcAfee:\nhttps://kc.mcafee.com/corporate/index?page=content\u0026id=SB10001\u0026actp=LIST_RECENT\n\nThierry Zoller:\nhttp://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. ________________________________________________________________________\n\nFrom the low-hanging-fruit-department - Mcafee multiple generic evasions\n________________________________________________________________________\n\nRelease mode: Coordinated but limited disclosure. 
\nRef         : TZO-182009 - Mcafee multiple generic evasions\nWWW         : http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html\nVendor      : http://www.mcafee.com\nStatus      : Patched\nCVE         : CVE-2009-1348 (provided by mcafee)\nhttps://kc.mcafee.com/corporate/index?page=content\u0026id=SB10001\u0026actp=LIST_RECENT\n\nSecurity notification reaction rating : very good\nNotification to patch window : +-27 days (Eastern holidays in between)\n\nDisclosure Policy : \nhttp://blog.zoller.lu/2008/09/notification-and-disclosure-policy.html\n\nAffected products : \n- McAfee VirusScan\\xae Plus 2009\n- McAfee Total Protection\\x99 2009\n- McAfee Internet Security\n- McAfee VirusScan USB\n- McAfee VirusScan Enterprise\n- McAfee VirusScan Enterprise Linux\n- McAfee VirusScan Enterprise for SAP\n- McAfee VirusScan Enterprise for Storage\n- McAfee VirusScan Commandline\n- Mcafee SecurityShield for Microsoft ISA Server\n- Mcafee Security for Microsoft Sharepoint\n- Mcafee Security for Email Servers\n- McAfee Email Gateyway\n- McAfee Total Protection for Endpoint\n- McAfee Active Virus Defense\n- McAfee Active VirusScan\n \nIt is unkown whether SaaS were affected (tough likely) :\n- McAfee Email Security Service\n- McAfee Total Protection Service Advanced\n\n\nI. Background\n~~~~~~~~~~~~~\nQuote: \"McAfee proactively secures systems and networks from known \nand as yet undiscovered threats worldwide. Home users, businesses, \nservice providers, government agencies, and our partners all trust \nour unmatched security expertise and have confidence in our \ncomprehensive and proven solutions to effectively block attacks\nand prevent disruptions.\"\n\n\nII. Description\n~~~~~~~~~~~~~~~\nThe parsing engine can be bypassed by a specially crafted and formated\nRAR (Headflags and Packsize),ZIP (Filelenght) archive. \n\nIII. 
Impact\n~~~~~~~~~~~\nA general description of the impact and nature of AV Bypasses/evasions\ncan be read at : \nhttp://blog.zoller.lu/2009/04/case-for-av-bypassesevasions.html\n\nThe bug results in denying the engine the possibility to inspect\ncode within RAR and ZIP archives. There is no inspection of the content\nat all and hence the impossibility to detect malicious code. \n\n\nIV. Disclosure timeline\n~~~~~~~~~~~~~~~~~~~~~~~~~\nDD/MM/YYYY\n04/04/2009 : Send proof of concept RAR I, description the terms under which \n             I cooperate and the planned disclosure date\n                         \n06/04/2009 : Send proof of concept RAR II, description the terms under which \n             I cooperate and the planned disclosure date\n                         \n06/04/2009 : Mcafee acknowledges receipt and reproduction of RAR I, ack\n             acknowledges receipt of RARII                       \n                         \n10/04/2009 : Send proof of concept ZIP I, description the terms under which \n             I cooperate and the planned disclosure date\n\n21/04/2009 : Mcafee provides CVE number CVE-2009-1348 \n                         \n28/04/2009 : Mcafee informs me that the patch might be released on the 29th\n29/04/2009 : Mcafee confirms patch release and provides URL\n             https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10001\u0026actp=LIST_RECENT\n                         \n29/04/2009 : Ask for affected versions\n\n29/04/2009 : Mcafee replies \" This issue does affect all vs engine products, including \n             both gateway and endpoint\"\n\n\n\n\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-4211"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-003380"
          },
          {
            "db": "BID",
            "id": "44657"
          },
          {
            "db": "VULHUB",
            "id": "VHN-46816"
          },
          {
            "db": "PACKETSTORM",
            "id": "77183"
          },
          {
            "db": "PACKETSTORM",
            "id": "77170"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2010-4211",
            "trust": 2.8
          },
          {
            "db": "BID",
            "id": "44657",
            "trust": 2.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2010-2887",
            "trust": 1.7
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-003380",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201011-094",
            "trust": 0.7
          },
          {
            "db": "XF",
            "id": "63002",
            "trust": 0.6
          },
          {
            "db": "MCAFEE",
            "id": "SB10001",
            "trust": 0.2
          },
          {
            "db": "SECUNIA",
            "id": "34949",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-46816",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "77183",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "77170",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-46816"
          },
          {
            "db": "BID",
            "id": "44657"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-003380"
          },
          {
            "db": "PACKETSTORM",
            "id": "77183"
          },
          {
            "db": "PACKETSTORM",
            "id": "77170"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-4211"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201011-094"
          }
        ]
      },
      "id": "VAR-201011-0089",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-46816"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2023-12-18T13:20:22.564000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "PayPal on your iPhone",
            "trust": 0.8,
            "url": "https://personal.paypal.com/us/cgi-bin/?\u0026cmd=_render-content\u0026content_id=marketing_us/mobile_iphone"
          },
          {
            "title": "PayPal",
            "trust": 0.8,
            "url": "http://itunes.apple.com/us/app/paypal/id283646709"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-003380"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-46816"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-003380"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-4211"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "http://online.wsj.com/article/sb10001424052748703506904575592782874885808.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/44657"
          },
          {
            "trust": 1.7,
            "url": "http://itunes.apple.com/us/app/paypal/id283646709"
          },
          {
            "trust": 1.7,
            "url": "http://news.cnet.com/8301-27080_3-20021730-245.html"
          },
          {
            "trust": 1.7,
            "url": "http://viaforensics.com/press-releases/viaforensics-uncovers-paypal-application-vulnerability.html"
          },
          {
            "trust": 1.7,
            "url": "http://viaforensics.com/security/viaforensics-uncovers-significant-vulnerability-paypal-iphone.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.vupen.com/english/advisories/2010/2887"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63002"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4211"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-4211"
          },
          {
            "trust": 0.6,
            "url": "http://xforce.iss.net/xforce/xfdb/63002"
          },
          {
            "trust": 0.3,
            "url": "http://itunes.apple.com/us/app/paypal/id283646709?mt=8#"
          },
          {
            "trust": 0.3,
            "url": "https://personal.paypal.com/us/cgi-bin/?\u0026cmd=_render-content\u0026content_id=marketing_us/mobile_iphone"
          },
          {
            "trust": 0.2,
            "url": "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html"
          },
          {
            "trust": 0.2,
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10001\u0026actp=list_recent"
          },
          {
            "trust": 0.1,
            "url": "http://www.mcafee.com/apps/downloads/security_updates/dat.asp"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/34949/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/try_vi/request_2008_report/"
          },
          {
            "trust": 0.1,
            "url": "http://www.mcafee.com"
          },
          {
            "trust": 0.1,
            "url": "http://blog.zoller.lu/2009/04/case-for-av-bypassesevasions.html"
          },
          {
            "trust": 0.1,
            "url": "http://blog.zoller.lu/2008/09/notification-and-disclosure-policy.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.1,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-46816"
          },
          {
            "db": "BID",
            "id": "44657"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-003380"
          },
          {
            "db": "PACKETSTORM",
            "id": "77183"
          },
          {
            "db": "PACKETSTORM",
            "id": "77170"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-4211"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201011-094"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-46816"
          },
          {
            "db": "BID",
            "id": "44657"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-003380"
          },
          {
            "db": "PACKETSTORM",
            "id": "77183"
          },
          {
            "db": "PACKETSTORM",
            "id": "77170"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-4211"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201011-094"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2010-11-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-46816"
          },
          {
            "date": "2010-11-04T00:00:00",
            "db": "BID",
            "id": "44657"
          },
          {
            "date": "2012-03-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-003380"
          },
          {
            "date": "2009-05-02T05:21:02",
            "db": "PACKETSTORM",
            "id": "77183"
          },
          {
            "date": "2009-05-01T02:03:00",
            "db": "PACKETSTORM",
            "id": "77170"
          },
          {
            "date": "2010-11-09T01:00:02.697000",
            "db": "NVD",
            "id": "CVE-2010-4211"
          },
          {
            "date": "2010-11-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201011-094"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-08-17T00:00:00",
            "db": "VULHUB",
            "id": "VHN-46816"
          },
          {
            "date": "2015-04-13T21:02:00",
            "db": "BID",
            "id": "44657"
          },
          {
            "date": "2012-03-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-003380"
          },
          {
            "date": "2017-08-17T01:33:08.307000",
            "db": "NVD",
            "id": "CVE-2010-4211"
          },
          {
            "date": "2010-11-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201011-094"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "specific network environment",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201011-094"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "PayPal app In  Paypal Web Vulnerability impersonating a server",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-003380"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201011-094"
          }
        ],
        "trust": 0.6
      }
    }

    CVE-2023-26107 (GCVE-0-2023-26107)

    Vulnerability from nvd – Published: 2023-03-06 05:00 – Updated: 2025-03-05 19:51
    VLAI
    Summary
    All versions of the package sketchsvg are vulnerable to Arbitrary Code Injection when invoking shell.exec without sanitization nor parametrization while concatenating the current directory as part of the command string.
    SSVC
    Exploitation: poc; Automatable: no; Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Arbitrary Code Injection
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    Impacted products
    Vendor Product Version
    n/a sketchsvg Affected: 0, < * (semver)
    Credits
    Everardo Padilla

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T11:39:06.558Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.snyk.io/vuln/SNYK-JS-SKETCHSVG-3167969"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/eBay/SketchSVG/blob/dd1036648f0f320a3187ef79d506b676b9eb87a6/lib/index.js%23L115"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/eBay/SketchSVG/blob/dd1036648f0f320a3187ef79d506b676b9eb87a6/lib/index.js%23L64"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-26107",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-05T19:51:04.442249Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-94",
                    "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-05T19:51:11.794Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sketchsvg",
              "vendor": "n/a",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Everardo Padilla"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "All versions of the package sketchsvg are vulnerable to Arbitrary Code Injection when invoking shell.exec without sanitization nor parametrization while concatenating the current directory as part of the command string.\r\r"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L/E:P",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "Arbitrary Code Injection",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-06T05:00:04.316Z",
            "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
            "shortName": "snyk"
          },
          "references": [
            {
              "url": "https://security.snyk.io/vuln/SNYK-JS-SKETCHSVG-3167969"
            },
            {
              "url": "https://github.com/eBay/SketchSVG/blob/dd1036648f0f320a3187ef79d506b676b9eb87a6/lib/index.js%23L115"
            },
            {
              "url": "https://github.com/eBay/SketchSVG/blob/dd1036648f0f320a3187ef79d506b676b9eb87a6/lib/index.js%23L64"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
        "assignerShortName": "snyk",
        "cveId": "CVE-2023-26107",
        "datePublished": "2023-03-06T05:00:04.316Z",
        "dateReserved": "2023-02-20T10:28:48.921Z",
        "dateUpdated": "2025-03-05T19:51:11.794Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-4211 (GCVE-0-2010-4211)

    Vulnerability from nvd – Published: 2010-11-08 23:00 – Updated: 2024-08-07 03:34
    VLAI
    Summary
    The PayPal app before 3.0.1 for iOS does not verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof a PayPal web server via an arbitrary certificate.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2010-11-03 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T03:34:37.803Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://viaforensics.com/press-releases/viaforensics-uncovers-paypal-application-vulnerability.html"
              },
              {
                "name": "ADV-2010-2887",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/2887"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://news.cnet.com/8301-27080_3-20021730-245.html"
              },
              {
                "name": "44657",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/44657"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://online.wsj.com/article/SB10001424052748703506904575592782874885808.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://itunes.apple.com/us/app/paypal/id283646709"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://viaforensics.com/security/viaforensics-uncovers-significant-vulnerability-paypal-iphone.html"
              },
              {
                "name": "paypal-certificate-info-disclosure(63002)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63002"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-11-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The PayPal app before 3.0.1 for iOS does not verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof a PayPal web server via an arbitrary certificate."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://viaforensics.com/press-releases/viaforensics-uncovers-paypal-application-vulnerability.html"
            },
            {
              "name": "ADV-2010-2887",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2887"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://news.cnet.com/8301-27080_3-20021730-245.html"
            },
            {
              "name": "44657",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/44657"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://online.wsj.com/article/SB10001424052748703506904575592782874885808.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://itunes.apple.com/us/app/paypal/id283646709"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://viaforensics.com/security/viaforensics-uncovers-significant-vulnerability-paypal-iphone.html"
            },
            {
              "name": "paypal-certificate-info-disclosure(63002)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63002"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-4211",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The PayPal app before 3.0.1 for iOS does not verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof a PayPal web server via an arbitrary certificate."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://viaforensics.com/press-releases/viaforensics-uncovers-paypal-application-vulnerability.html",
                  "refsource": "MISC",
                  "url": "http://viaforensics.com/press-releases/viaforensics-uncovers-paypal-application-vulnerability.html"
                },
                {
                  "name": "ADV-2010-2887",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/2887"
                },
                {
                  "name": "http://news.cnet.com/8301-27080_3-20021730-245.html",
                  "refsource": "MISC",
                  "url": "http://news.cnet.com/8301-27080_3-20021730-245.html"
                },
                {
                  "name": "44657",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/44657"
                },
                {
                  "name": "http://online.wsj.com/article/SB10001424052748703506904575592782874885808.html",
                  "refsource": "MISC",
                  "url": "http://online.wsj.com/article/SB10001424052748703506904575592782874885808.html"
                },
                {
                  "name": "http://itunes.apple.com/us/app/paypal/id283646709",
                  "refsource": "MISC",
                  "url": "http://itunes.apple.com/us/app/paypal/id283646709"
                },
                {
                  "name": "http://viaforensics.com/security/viaforensics-uncovers-significant-vulnerability-paypal-iphone.html",
                  "refsource": "MISC",
                  "url": "http://viaforensics.com/security/viaforensics-uncovers-significant-vulnerability-paypal-iphone.html"
                },
                {
                  "name": "paypal-certificate-info-disclosure(63002)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63002"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-4211",
        "datePublished": "2010-11-08T23:00:00.000Z",
        "dateReserved": "2010-11-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T03:34:37.803Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-2475 (GCVE-0-2008-2475)

    Vulnerability from nvd – Published: 2009-06-09 20:00 – Updated: 2024-08-07 09:05
    VLAI
    Summary
    eBay Enhanced Picture Uploader ActiveX control (EPUWALcontrol.dll) before 1.0.27 allows remote attackers to execute arbitrary commands via the PictureUrls property.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/54968 vdb-entry, x_refsource_OSVDB
    http://secunia.com/advisories/35412 third-party-advisory, x_refsource_SECUNIA
    http://pages.ebay.com/securitycenter/activex/index.html x_refsource_CONFIRM
    http://www.securityfocus.com/bid/35248 vdb-entry, x_refsource_BID
    http://www.kb.cert.org/vuls/id/983731 third-party-advisory, x_refsource_CERT-VN
    Date Public
    2009-06-09 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T09:05:30.200Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "54968",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/54968"
              },
              {
                "name": "35412",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35412"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://pages.ebay.com/securitycenter/activex/index.html"
              },
              {
                "name": "35248",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/35248"
              },
              {
                "name": "VU#983731",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/983731"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-06-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "eBay Enhanced Picture Uploader ActiveX control (EPUWALcontrol.dll) before 1.0.27 allows remote attackers to execute arbitrary commands via the PictureUrls property."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-06-13T09:00:00.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "54968",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/54968"
            },
            {
              "name": "35412",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35412"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://pages.ebay.com/securitycenter/activex/index.html"
            },
            {
              "name": "35248",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/35248"
            },
            {
              "name": "VU#983731",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/983731"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2008-2475",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "eBay Enhanced Picture Uploader ActiveX control (EPUWALcontrol.dll) before 1.0.27 allows remote attackers to execute arbitrary commands via the PictureUrls property."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "54968",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/54968"
                },
                {
                  "name": "35412",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35412"
                },
                {
                  "name": "http://pages.ebay.com/securitycenter/activex/index.html",
                  "refsource": "CONFIRM",
                  "url": "http://pages.ebay.com/securitycenter/activex/index.html"
                },
                {
                  "name": "35248",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/35248"
                },
                {
                  "name": "VU#983731",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/983731"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2008-2475",
        "datePublished": "2009-06-09T20:00:00.000Z",
        "dateReserved": "2008-05-28T00:00:00.000Z",
        "dateUpdated": "2024-08-07T09:05:30.200Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1176 (GCVE-0-2006-1176)

    Vulnerability from nvd – Published: 2006-07-08 00:00 – Updated: 2024-08-07 17:03
    VLAI
    Summary
    Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup & Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/20969 third-party-advisory, x_refsource_SECUNIA
    http://securitytracker.com/id?1016445 vdb-entry, x_refsource_SECTRACK
    http://www.kb.cert.org/vuls/id/597721 third-party-advisory, x_refsource_CERT-VN
    http://www.securityfocus.com/bid/18921 vdb-entry, x_refsource_BID
    http://www.vupen.com/english/advisories/2006/2698 vdb-entry, x_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entry, x_refsource_XF
    http://www.kb.cert.org/vuls/id/MIMG-6QKPVH x_refsource_CONFIRM
    Date Public
    2006-07-06 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:03:28.323Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20969",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20969"
              },
              {
                "name": "1016445",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016445"
              },
              {
                "name": "VU#597721",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/597721"
              },
              {
                "name": "18921",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/18921"
              },
              {
                "name": "ADV-2006-2698",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/2698"
              },
              {
                "name": "ebay-epuimagecontrol-bo(27631)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27631"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/MIMG-6QKPVH"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-07-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup \u0026 Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "20969",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20969"
            },
            {
              "name": "1016445",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016445"
            },
            {
              "name": "VU#597721",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/597721"
            },
            {
              "name": "18921",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/18921"
            },
            {
              "name": "ADV-2006-2698",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/2698"
            },
            {
              "name": "ebay-epuimagecontrol-bo(27631)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27631"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.kb.cert.org/vuls/id/MIMG-6QKPVH"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2006-1176",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup \u0026 Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20969",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20969"
                },
                {
                  "name": "1016445",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016445"
                },
                {
                  "name": "VU#597721",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/597721"
                },
                {
                  "name": "18921",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/18921"
                },
                {
                  "name": "ADV-2006-2698",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/2698"
                },
                {
                  "name": "ebay-epuimagecontrol-bo(27631)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27631"
                },
                {
                  "name": "http://www.kb.cert.org/vuls/id/MIMG-6QKPVH",
                  "refsource": "CONFIRM",
                  "url": "http://www.kb.cert.org/vuls/id/MIMG-6QKPVH"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2006-1176",
        "datePublished": "2006-07-08T00:00:00.000Z",
        "dateReserved": "2006-03-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:03:28.323Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-26107 (GCVE-0-2023-26107)

    Vulnerability from cvelistv5 – Published: 2023-03-06 05:00 – Updated: 2025-03-05 19:51
    Summary
    All versions of the package sketchsvg are vulnerable to Arbitrary Code Injection when invoking shell.exec without sanitization nor parametrization while concatenating the current directory as part of the command string.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Arbitrary Code Injection
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Impacted products
    Vendor Product Version
    n/a sketchsvg Affected: 0 , < * (semver)
    Credits
    Everardo Padilla

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T11:39:06.558Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.snyk.io/vuln/SNYK-JS-SKETCHSVG-3167969"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/eBay/SketchSVG/blob/dd1036648f0f320a3187ef79d506b676b9eb87a6/lib/index.js%23L115"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/eBay/SketchSVG/blob/dd1036648f0f320a3187ef79d506b676b9eb87a6/lib/index.js%23L64"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-26107",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-05T19:51:04.442249Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-94",
                    "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-05T19:51:11.794Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sketchsvg",
              "vendor": "n/a",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Everardo Padilla"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "All versions of the package sketchsvg are vulnerable to Arbitrary Code Injection when invoking shell.exec without sanitization nor parametrization while concatenating the current directory as part of the command string.\r\r"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L/E:P",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "Arbitrary Code Injection",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-03-06T05:00:04.316Z",
            "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
            "shortName": "snyk"
          },
          "references": [
            {
              "url": "https://security.snyk.io/vuln/SNYK-JS-SKETCHSVG-3167969"
            },
            {
              "url": "https://github.com/eBay/SketchSVG/blob/dd1036648f0f320a3187ef79d506b676b9eb87a6/lib/index.js%23L115"
            },
            {
              "url": "https://github.com/eBay/SketchSVG/blob/dd1036648f0f320a3187ef79d506b676b9eb87a6/lib/index.js%23L64"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
        "assignerShortName": "snyk",
        "cveId": "CVE-2023-26107",
        "datePublished": "2023-03-06T05:00:04.316Z",
        "dateReserved": "2023-02-20T10:28:48.921Z",
        "dateUpdated": "2025-03-05T19:51:11.794Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-4211 (GCVE-0-2010-4211)

    Vulnerability from cvelistv5 – Published: 2010-11-08 23:00 – Updated: 2024-08-07 03:34
    Summary
    The PayPal app before 3.0.1 for iOS does not verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof a PayPal web server via an arbitrary certificate.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Date Public
    2010-11-03 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T03:34:37.803Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://viaforensics.com/press-releases/viaforensics-uncovers-paypal-application-vulnerability.html"
              },
              {
                "name": "ADV-2010-2887",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/2887"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://news.cnet.com/8301-27080_3-20021730-245.html"
              },
              {
                "name": "44657",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/44657"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://online.wsj.com/article/SB10001424052748703506904575592782874885808.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://itunes.apple.com/us/app/paypal/id283646709"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://viaforensics.com/security/viaforensics-uncovers-significant-vulnerability-paypal-iphone.html"
              },
              {
                "name": "paypal-certificate-info-disclosure(63002)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63002"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-11-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The PayPal app before 3.0.1 for iOS does not verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof a PayPal web server via an arbitrary certificate."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://viaforensics.com/press-releases/viaforensics-uncovers-paypal-application-vulnerability.html"
            },
            {
              "name": "ADV-2010-2887",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2887"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://news.cnet.com/8301-27080_3-20021730-245.html"
            },
            {
              "name": "44657",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/44657"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://online.wsj.com/article/SB10001424052748703506904575592782874885808.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://itunes.apple.com/us/app/paypal/id283646709"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://viaforensics.com/security/viaforensics-uncovers-significant-vulnerability-paypal-iphone.html"
            },
            {
              "name": "paypal-certificate-info-disclosure(63002)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63002"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-4211",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The PayPal app before 3.0.1 for iOS does not verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof a PayPal web server via an arbitrary certificate."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://viaforensics.com/press-releases/viaforensics-uncovers-paypal-application-vulnerability.html",
                  "refsource": "MISC",
                  "url": "http://viaforensics.com/press-releases/viaforensics-uncovers-paypal-application-vulnerability.html"
                },
                {
                  "name": "ADV-2010-2887",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/2887"
                },
                {
                  "name": "http://news.cnet.com/8301-27080_3-20021730-245.html",
                  "refsource": "MISC",
                  "url": "http://news.cnet.com/8301-27080_3-20021730-245.html"
                },
                {
                  "name": "44657",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/44657"
                },
                {
                  "name": "http://online.wsj.com/article/SB10001424052748703506904575592782874885808.html",
                  "refsource": "MISC",
                  "url": "http://online.wsj.com/article/SB10001424052748703506904575592782874885808.html"
                },
                {
                  "name": "http://itunes.apple.com/us/app/paypal/id283646709",
                  "refsource": "MISC",
                  "url": "http://itunes.apple.com/us/app/paypal/id283646709"
                },
                {
                  "name": "http://viaforensics.com/security/viaforensics-uncovers-significant-vulnerability-paypal-iphone.html",
                  "refsource": "MISC",
                  "url": "http://viaforensics.com/security/viaforensics-uncovers-significant-vulnerability-paypal-iphone.html"
                },
                {
                  "name": "paypal-certificate-info-disclosure(63002)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63002"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-4211",
        "datePublished": "2010-11-08T23:00:00.000Z",
        "dateReserved": "2010-11-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T03:34:37.803Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-2475 (GCVE-0-2008-2475)

    Vulnerability from cvelistv5 – Published: 2009-06-09 20:00 – Updated: 2024-08-07 09:05
    Summary
    eBay Enhanced Picture Uploader ActiveX control (EPUWALcontrol.dll) before 1.0.27 allows remote attackers to execute arbitrary commands via the PictureUrls property.
    Severity
    No CVSS data available.
    CWE
    • n/a
    References
    URL Tags
    http://osvdb.org/54968 vdb-entry, x_refsource_OSVDB
    http://secunia.com/advisories/35412 third-party-advisory, x_refsource_SECUNIA
    http://pages.ebay.com/securitycenter/activex/index.html x_refsource_CONFIRM
    http://www.securityfocus.com/bid/35248 vdb-entry, x_refsource_BID
    http://www.kb.cert.org/vuls/id/983731 third-party-advisory, x_refsource_CERT-VN
    Date Public
    2009-06-09 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T09:05:30.200Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "54968",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/54968"
              },
              {
                "name": "35412",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/35412"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://pages.ebay.com/securitycenter/activex/index.html"
              },
              {
                "name": "35248",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/35248"
              },
              {
                "name": "VU#983731",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/983731"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-06-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "eBay Enhanced Picture Uploader ActiveX control (EPUWALcontrol.dll) before 1.0.27 allows remote attackers to execute arbitrary commands via the PictureUrls property."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-06-13T09:00:00.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "54968",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/54968"
            },
            {
              "name": "35412",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/35412"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://pages.ebay.com/securitycenter/activex/index.html"
            },
            {
              "name": "35248",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/35248"
            },
            {
              "name": "VU#983731",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/983731"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2008-2475",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "eBay Enhanced Picture Uploader ActiveX control (EPUWALcontrol.dll) before 1.0.27 allows remote attackers to execute arbitrary commands via the PictureUrls property."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "54968",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/54968"
                },
                {
                  "name": "35412",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/35412"
                },
                {
                  "name": "http://pages.ebay.com/securitycenter/activex/index.html",
                  "refsource": "CONFIRM",
                  "url": "http://pages.ebay.com/securitycenter/activex/index.html"
                },
                {
                  "name": "35248",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/35248"
                },
                {
                  "name": "VU#983731",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/983731"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2008-2475",
        "datePublished": "2009-06-09T20:00:00.000Z",
        "dateReserved": "2008-05-28T00:00:00.000Z",
        "dateUpdated": "2024-08-07T09:05:30.200Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1176 (GCVE-0-2006-1176)

    Vulnerability from cvelistv5 – Published: 2006-07-08 00:00 – Updated: 2024-08-07 17:03
    Summary
    Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup & Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL | Tags
    http://secunia.com/advisories/20969 | third-party-advisory, x_refsource_SECUNIA
    http://securitytracker.com/id?1016445 | vdb-entry, x_refsource_SECTRACK
    http://www.kb.cert.org/vuls/id/597721 | third-party-advisory, x_refsource_CERT-VN
    http://www.securityfocus.com/bid/18921 | vdb-entry, x_refsource_BID
    http://www.vupen.com/english/advisories/2006/2698 | vdb-entry, x_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entry, x_refsource_XF
    http://www.kb.cert.org/vuls/id/MIMG-6QKPVH | x_refsource_CONFIRM
    Date Public
    2006-07-06 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:03:28.323Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20969",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20969"
              },
              {
                "name": "1016445",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016445"
              },
              {
                "name": "VU#597721",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/597721"
              },
              {
                "name": "18921",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/18921"
              },
              {
                "name": "ADV-2006-2698",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/2698"
              },
              {
                "name": "ebay-epuimagecontrol-bo(27631)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27631"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/MIMG-6QKPVH"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-07-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup \u0026 Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "20969",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20969"
            },
            {
              "name": "1016445",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016445"
            },
            {
              "name": "VU#597721",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/597721"
            },
            {
              "name": "18921",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/18921"
            },
            {
              "name": "ADV-2006-2698",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/2698"
            },
            {
              "name": "ebay-epuimagecontrol-bo(27631)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27631"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.kb.cert.org/vuls/id/MIMG-6QKPVH"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2006-1176",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup \u0026 Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20969",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20969"
                },
                {
                  "name": "1016445",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016445"
                },
                {
                  "name": "VU#597721",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/597721"
                },
                {
                  "name": "18921",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/18921"
                },
                {
                  "name": "ADV-2006-2698",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/2698"
                },
                {
                  "name": "ebay-epuimagecontrol-bo(27631)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27631"
                },
                {
                  "name": "http://www.kb.cert.org/vuls/id/MIMG-6QKPVH",
                  "refsource": "CONFIRM",
                  "url": "http://www.kb.cert.org/vuls/id/MIMG-6QKPVH"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2006-1176",
        "datePublished": "2006-07-08T00:00:00.000Z",
        "dateReserved": "2006-03-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:03:28.323Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }