Direct Web Rendering Multiple Remote Vulnerabilities
BID:21955
Info
Direct Web Rendering Multiple Remote Vulnerabilities
| Bugtraq ID: | 21955 |
| Class: | Unknown |
| CVE: |
CVE-2007-0184 CVE-2007-0185 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 09 2007 12:00AM |
| Updated: | Feb 19 2009 11:07PM |
| Credit: | The vendor reported these issues. |
| Vulnerable: |
SuSE SUSE Linux Enterprise Server 10 SP2 Getahead Direct Web Rendering 1.1.3 Getahead Direct Web Rendering 1.1.2 Getahead Direct Web Rendering 1.1.1 Getahead Direct Web Rendering 1.0 Getahead Direct Web Rendering 0.9 Getahead Direct Web Rendering 0.8 Getahead Direct Web Rendering 0.7 |
| Not Vulnerable: |
Getahead Direct Web Rendering 1.1.4 |
Discussion
Direct Web Rendering Multiple Remote Vulnerabilities
Direct Web Rendering is prone to multiple remote vulnerabilities, including a security-bypass issue and a denial-of-service issue.
An attacker can exploit these issues to access restricted methods and to crash the affected application, denying service to legitimate users. Other attacks are also possible.
These issues affect versions prior to 1.1.4.
Direct Web Rendering is prone to multiple remote vulnerabilities, including a security-bypass issue and a denial-of-service issue.
An attacker can exploit these issues to access restricted methods and to crash the affected application, denying service to legitimate users. Other attacks are also possible.
These issues affect versions prior to 1.1.4.
Exploit / POC
Direct Web Rendering Multiple Remote Vulnerabilities
An attacker can exploit these issues through a web client.
An attacker can exploit these issues through a web client.
Solution / Fix
References
Direct Web Rendering Multiple Remote Vulnerabilities
References:
References:
- Direct Web Rendering Homepage (Getahead )
- Direct Web Rendering Version 1.1.4 Change Log (Getahead )