Vulnerabilities (CVE)

Filtered by vendor Critical Path Subscribe
Filtered by product Injoin Directory Server
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-1315 1 Critical Path 2 Injoin Directory Server, Livecontent Directory 2023-12-10 7.5 HIGH N/A
Critical Path (1) InJoin Directory Server or (2) LiveContent Directory allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed BER encodings, as demonstrated by the PROTOS LDAPv3 test suite.
CVE-2002-0787 1 Critical Path 1 Injoin Directory Server 2023-12-10 7.5 HIGH N/A
Cross-site scripting vulnerabilities in iCon administrative web server for Critical Path inJoin Directory Server 4.0 allow remote attackers to execute script as the administrator via administrator URLs with modified (1) LOCID or (2) OC parameters.
CVE-2002-0786 1 Critical Path 1 Injoin Directory Server 2023-12-10 5.0 MEDIUM N/A
iCon administrative web server for Critical Path inJoin Directory Server 4.0 allows authenticated inJoin administrators to read arbitrary files by specifying the target file in the LOG parameter.
CVE-2001-1314 1 Critical Path 2 Injoin Directory Server, Livecontent Directory 2023-12-10 7.5 HIGH N/A
Buffer overflows in Critical Path (1) InJoin Directory Server or (2) LiveContent Directory allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.