MidnightBSD

Advisories for verity

CVE-2002-0370 HIGH

Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ibm lotus_notes 5.0
ibm lotus_notes r6
microsoft windows_xp *
ibm lotus_notes r5
ibm lotus_notes 5.0.1
ibm lotus_notes 5.0.2
allume_systems_division stuffit_expander 6.5.2
ibm lotus_notes 5.0.9a
microsoft windows_me *
ibm lotus_notes *
ibm lotus_notes 5.0.3
ibm lotus_notes 5.0.4
ibm lotus_notes 5.0.10
winzip winzip 7.0
microsoft windows_98_plus_pack *
ibm lotus_notes 5.0.5
ibm lotus_notes 5.0.11
verity keyview_viewing_sdk gold
CVE-2002-1651 MEDIUM

Cross-site scripting (XSS) vulnerability in Verity Search97 allows remote attackers to insert arbitrary web content and steal sensitive information from other clients, possibly due to certain error messages from template pages that use the (1) vformat or (2) vfilter functions.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
verity search97 2.1
CVE-2004-0050 MEDIUM

Verity Ultraseek before 5.2.2 allows remote attackers to obtain the full pathname of the document root via an MS-DOS device name in the web search option, such as (1) NUL, (2) CON, (3) AUX, (4) COM1, (5) COM2, and others.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
verity ultraseek *
CVE-2005-0514 MEDIUM

Cross-site scripting (XSS) vulnerability in Verity Ultraseek before 5.3.3 allows remote attackers to inject arbitrary HTML and web script via search parameters.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
verity verity_ultraseek 5.3.3