HP OpenView Network Node Manager 6.41 and 7.5 running on Solaris 8 and possibly other versions suffer from an input sanitization vulnerability leading to command execution.
3e81f46fdcedfadbe17c7ee06e37ef2087c97af56053ad55459cd886e0a9cd78
The ACPI 1.6 BIOS is susceptible to a denial of service attack due to a code logic error.
ed8d0c1b362501811eb00bac555b4f26fc66345b00304f9067d8d489e32bbd94
Portcullis Security Advisory - The Emotion MediaPartner Web Server version 5.0 suffers from a classic directory traversal attack.
6be621a00b4ac12f30f5e4697e1024e0eab7f2133fbd8e721232b10ea90de2e7
Portcullis Security Advisory - Portcullis consultants have discovered that by manipulating the values of certain variables used during report selection in the Bottomline Webseries Payment Application, it was possible to cause the application to download and execute arbitrary reports from any machine on the network capable of supporting Windows shares.
f009c2380fcd1cbba7d66f9f2ef31670954a3f2029a98ee9d84cca0d3ba4fb05
Portcullis Security Advisory - The change password functionality in the Bottomline Webseries Payment Application does not require a user to enter their current password.
ac14e74b201c189bcc58ed1aee9a9b5cbb3fea5c50d6ced8f5457799f2b35a84
Portcullis Security Advisory - The password policy that enforces the minimum length of passwords in the Bottomline Webseries Payment Application is implemented in the client browser using JavaScript which can be bypassed using any local proxy system.
916e830c66d6a47c2b5807ae33235c48e2ea7625fe80c6360a0cb542e2807e0d
Portcullis Security Advisory - By manipulating the values of certain variables used during report selection it was possible enumerate the directory structure on the web server of the Bottomline Webseries Payment Application.
ea62a539bcf86d0e469c020637e6a639c321a7f55f2288b8085e3922eae483f3
Portcullis Security Advisory - The Bottomline Webseries Payment Application system embeds full paths to files on the underlying filesystem in various HTTP variables. reference directories and files on the web server.
af4ded5365a3c80754f7a8a99c94d1aed1f24fd909030ccb31e074c1b5e27f37
Portcullis Security Advisory - Emotion MediaPartner Web Server versions 5.0 and 5.1 have a flaw where the source of a bhtml file can be displayed with a period or plus sign are added to the request.
55943bc26b57178fe615eee1793659d16450a87ea92cf01ae4f68b6e1a996da6
Portcullis Security Advisory - MediaPartner 5.0 has a logic flaw that allows the authentication mechanism to be bypassed.
05088e775c9bc1cab5b434d2c2c98482abcb4b89534f2d9f790543be62b33c1e
Portcullis Security Advisory - Bottomline Webseries Payment Application system fails to authenticate user actions when direct URLs are accessed.
5a581420b27f4f143ed0c88ebb559d474bd8494bfaaec71645fbfc7df5cea0ee