F-Secure Policy Manager vulnerabilities
4 known vulnerabilities affecting f-secure/policy_manager.
Total CVEs
4
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2004-1223P4MEDIUMCVSS 5.0PoCv5.112005-01-10
CVE-2004-1223 [MEDIUM] CVE-2004-1223: The Management Agent in F-Secure Policy Manager 5.11.2810 allows remote attackers to gain sensitive
The Management Agent in F-Secure Policy Manager 5.11.2810 allows remote attackers to gain sensitive information, such as the absolute path for the web server, via an HTTP request to fsmsh.dll without any parameters.
nvd
CVE-2007-2964P4MEDIUMCVSS 5.0PoC≤ 7.002007-05-31
CVE-2007-2964 [MEDIUM] CVE-2007-2964: The fsmsh.dll host module in F-Secure Policy Manager Server 7.00 and earlier allows remote attackers
The fsmsh.dll host module in F-Secure Policy Manager Server 7.00 and earlier allows remote attackers to cause a denial of service (application crash) via NTFS reserved words in filenames in URLs.
nvd
CVE-2011-1102P4MEDIUMCVSS 4.3v7.00v8.00+3 more2011-02-25
CVE-2011-1102 [MEDIUM] CWE-79 CVE-2011-1102: Cross-site scripting (XSS) vulnerability in the WebReporting module in F-Secure Policy Manager 7.x,
Cross-site scripting (XSS) vulnerability in the WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix 3 on Windows and hotfix 2 on Linux, and 9.00 before hotfix 4 on Windows and hotfix 2 on Linux, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2011-1103P4MEDIUMCVSS 5.0v7.00v8.00+2 more2011-02-25
CVE-2011-1103 [MEDIUM] CWE-200 CVE-2011-1103: The WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix 3 o
The WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix 3 on Windows and hotfix 2 on Linux, and 9.00 before hotfix 4 on Windows and hotfix 2 on Linux, allows remote attackers to obtain sensitive information via a request to an invalid report, which reveals the installation path in an error message, as demonstra
nvd