4D Webstar vulnerabilities

9 known vulnerabilities affecting 4d/webstar.

Total CVEs
9
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM6LOW1

Vulnerabilities

Page 1 of 1
CVE-2005-3143MEDIUMCVSS 5.0v5.1.2v5.1.3+10 more2005-10-05
CVE-2005-3143 [MEDIUM] CVE-2005-3143: Unspecified vulnerability in the Mailbox Server for 4D WebStar before 5.3.5 allows attackers to caus Unspecified vulnerability in the Mailbox Server for 4D WebStar before 5.3.5 allows attackers to cause a denial of service (crash) via IMAP clients on Mac OS X 10.4 Mail 2.
nvd
CVE-2005-1507MEDIUMCVSS 5.0PoCv5.3.3v5.42005-05-11
CVE-2005-1507 [MEDIUM] CVE-2005-1507: Buffer overflow in the Tomcat plugin in 4d WebSTAR 5.33 and 5.4 allows remote attackers to cause a d Buffer overflow in the Tomcat plugin in 4d WebSTAR 5.33 and 5.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL.
nvd
CVE-2004-0079HIGHCVSS 7.5v4.0v5.2+6 more2004-11-23
CVE-2004-0079 [HIGH] CWE-476 CVE-2004-0079: The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
nvd
CVE-2004-0081MEDIUMCVSS 5.0v4.0v5.2+6 more2004-11-23
CVE-2004-0081 [MEDIUM] CVE-2004-0081: OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote atta OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
nvd
CVE-2004-0112MEDIUMCVSS 5.0v4.0v5.2+6 more2004-11-23
CVE-2004-0112 [MEDIUM] CWE-125 CVE-2004-0112: The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
nvd
CVE-2004-0695HIGHCVSS 7.5PoCv4.0v5.2+7 more2004-07-27
CVE-2004-0695 [HIGH] CVE-2004-0695: Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 and earlier allows remote attack Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 and earlier allows remote attackers to execute arbitrary code via a long FTP command.
nvd
CVE-2004-0697MEDIUMCVSS 5.0v4.0v5.2+7 more2004-07-27
CVE-2004-0697 [MEDIUM] CVE-2004-0697: Unknown vulnerability in 4D WebSTAR 5.3.2 and earlier allows remote attackers to read the php.ini co Unknown vulnerability in 4D WebSTAR 5.3.2 and earlier allows remote attackers to read the php.ini configuration file and possibly obtain sensitive information.
nvd
CVE-2004-0696MEDIUMCVSS 5.0v4.0v5.2+7 more2004-07-27
CVE-2004-0696 [MEDIUM] CVE-2004-0696: The ShellExample.cgi script in 4D WebSTAR 5.3.2 and earlier allows remote attackers to list arbitrar The ShellExample.cgi script in 4D WebSTAR 5.3.2 and earlier allows remote attackers to list arbitrary directories via a URL with the desired path and a "*" (asterisk) character.
nvd
CVE-2004-0698LOWCVSS 3.6v4.0v5.2+7 more2004-07-27
CVE-2004-0698 [LOW] CVE-2004-0698: 4D WebSTAR 5.3.2 and earlier allows local users to read and modify arbitrary files via a symlink att 4D WebSTAR 5.3.2 and earlier allows local users to read and modify arbitrary files via a symlink attack.
nvd