| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-0187 | 7.5 |
F5 FirePass 5.4 through 5.5.2 and 6.0 allows remote attackers to access restricted URLs via (1) a trailing null byte, (2) multiple leading slashes, (3) Unicode encoding, (4) URL-encoded directory traversal or same-directory characters, or (5) upper c
|
15-11-2008 - 06:39 | 12-01-2007 - 05:04 | |
| CVE-2007-0186 | 6.8 |
Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass SSL VPN allow remote attackers to inject arbitrary web script or HTML via (1) the xcho parameter to my.logon.php3; the (2) topblue, (3) midblue, (4) wtopblue, and certain other Custom
|
05-09-2008 - 21:17 | 12-01-2007 - 05:04 | |
| CVE-2007-0188 | 6.5 |
F5 FirePass 5.4 through 5.5.1 does not properly enforce host access restrictions when a client uses a single integer (dword) representation of an IP address ("dotless IP address"), which allows remote authenticated users to connect to the FirePass ad
|
05-09-2008 - 21:17 | 12-01-2007 - 05:04 | |
| CVE-2007-0195 | 5.0 |
my.activation.php3 in F5 FirePass 5.4 through 5.5.1 and 6.0 displays different error messages for failed login attempts with a valid username than for those with an invalid username, which allows remote attackers to confirm the validity of an LDAP ac
|
05-09-2008 - 21:17 | 12-01-2007 - 05:04 |