Refine your search
5 vulnerabilities found for FileMaker Pro by Claris International Inc. (formerly FileMaker, Inc)
jvndb-2014-000114
Vulnerability from jvndb
Published
2014-09-18 20:36
Modified
2014-09-24 18:47
Summary
FileMaker Pro fails to verify SSL server certificates
Details
FileMaker Pro contains a function to encrypt communications with the FileMaker Server. FileMaker Pro fails to verify the SSL server certificate.
NOTE: This vulnerability exists because of an incomplete fix for CVE-2013-2319.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000114.html",
"dc:date": "2014-09-24T18:47+09:00",
"dcterms:issued": "2014-09-18T20:36+09:00",
"dcterms:modified": "2014-09-24T18:47+09:00",
"description": "FileMaker Pro contains a function to encrypt communications with the FileMaker Server. FileMaker Pro fails to verify the SSL server certificate.\r\n\r\nNOTE: This vulnerability exists because of an incomplete fix for CVE-2013-2319.",
"link": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000114.html",
"sec:cpe": [
{
"#text": "cpe:/a:claris:filemaker_pro",
"@product": "FileMaker Pro",
"@vendor": "Claris International Inc. (formerly FileMaker, Inc)",
"@version": "2.2"
},
{
"#text": "cpe:/a:claris:filemaker_pro_advanced",
"@product": "FileMaker Pro Advanced",
"@vendor": "Claris International Inc. (formerly FileMaker, Inc)",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "4.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2014-000114",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN85812843/index.html",
"@id": "JVN#85812843",
"@source": "JVN"
},
{
"#text": "http://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000048.html",
"@id": "JVNDB-2013-000048",
"@source": "JVN iPedia"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5321",
"@id": "CVE-2014-5321",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5321",
"@id": "CVE-2014-5321",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "FileMaker Pro fails to verify SSL server certificates"
}
jvndb-2014-000113
Vulnerability from jvndb
Published
2014-09-18 20:36
Modified
2015-05-22 11:37
Summary
FileMaker Pro vulnerable to cross-site scripting
Details
FileMaker Pro contains an "Instant Web Publishing" function. When this function is enabled, FileMaker Pro is vulnerable to cross-scripting.
NOTE: This vulnerability exists because of an incomplete fix for CVE-2013-3640.
References
| Type | URL | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000113.html",
"dc:date": "2015-05-22T11:37+09:00",
"dcterms:issued": "2014-09-18T20:36+09:00",
"dcterms:modified": "2015-05-22T11:37+09:00",
"description": "FileMaker Pro contains an \"Instant Web Publishing\" function. When this function is enabled, FileMaker Pro is vulnerable to cross-scripting.\r\n\r\nNOTE: This vulnerability exists because of an incomplete fix for CVE-2013-3640.",
"link": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000113.html",
"sec:cpe": [
{
"#text": "cpe:/a:claris:filemaker_pro",
"@product": "FileMaker Pro",
"@vendor": "Claris International Inc. (formerly FileMaker, Inc)",
"@version": "2.2"
},
{
"#text": "cpe:/a:claris:filemaker_pro_advanced",
"@product": "FileMaker Pro Advanced",
"@vendor": "Claris International Inc. (formerly FileMaker, Inc)",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2014-000113",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN53579095/index.html",
"@id": "JVN#53579095",
"@source": "JVN"
},
{
"#text": "http://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000049.html",
"@id": "JVNDB-2013-000049",
"@source": "JVN iPedia"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5322",
"@id": "CVE-2014-5322",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5322",
"@id": "CVE-2014-5322",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "FileMaker Pro vulnerable to cross-site scripting"
}
jvndb-2013-000048
Vulnerability from jvndb
Published
2013-05-31 15:43
Modified
2014-09-18 21:08
Summary
FileMaker Pro fails to verify SSL server certificates
Details
FileMaker Pro contains a function to encrypt communications with the FileMaker Server. FileMaker Pro fails to verify the SSL server certificate.
References
| Type | URL | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000048.html",
"dc:date": "2014-09-18T21:08+09:00",
"dcterms:issued": "2013-05-31T15:43+09:00",
"dcterms:modified": "2014-09-18T21:08+09:00",
"description": "FileMaker Pro contains a function to encrypt communications with the FileMaker Server. FileMaker Pro fails to verify the SSL server certificate.",
"link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000048.html",
"sec:cpe": {
"#text": "cpe:/a:claris:filemaker_pro",
"@product": "FileMaker Pro",
"@vendor": "Claris International Inc. (formerly FileMaker, Inc)",
"@version": "2.2"
},
"sec:cvss": {
"@score": "4.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2013-000048",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN85812843/index.html",
"@id": "JVN#85812843",
"@source": "JVN"
},
{
"#text": "http://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000114.html",
"@id": "JVNDB-2014-000114",
"@source": "JVN iPedia"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2319",
"@id": "CVE-2013-2319",
"@source": "CVE"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5321",
"@id": "CVE-2014-5321",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2013-2319",
"@id": "CVE-2013-2319",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2014-5321",
"@id": "CVE-2014-5321",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "FileMaker Pro fails to verify SSL server certificates"
}
jvndb-2013-000049
Vulnerability from jvndb
Published
2013-05-31 15:43
Modified
2015-05-22 11:34
Summary
FileMaker Pro vulnerable to cross-site scripting
Details
FileMaker Pro contains an "Instant Web Publishing" function. When this function is enabled, FileMaker Pro is vulnerable to cross-scripting.
References
| Type | URL | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000049.html",
"dc:date": "2015-05-22T11:34+09:00",
"dcterms:issued": "2013-05-31T15:43+09:00",
"dcterms:modified": "2015-05-22T11:34+09:00",
"description": "FileMaker Pro contains an \"Instant Web Publishing\" function. When this function is enabled, FileMaker Pro is vulnerable to cross-scripting.",
"link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000049.html",
"sec:cpe": {
"#text": "cpe:/a:claris:filemaker_pro",
"@product": "FileMaker Pro",
"@vendor": "Claris International Inc. (formerly FileMaker, Inc)",
"@version": "2.2"
},
"sec:cvss": {
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2013-000049",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN53579095/index.html",
"@id": "JVN#53579095",
"@source": "JVN"
},
{
"#text": "http://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000113.html",
"@id": "JVNDB-2014-000113",
"@source": "JVN iPedia"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3640",
"@id": "CVE-2013-3640",
"@source": "CVE"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5322",
"@id": "CVE-2014-5322",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2013-3640",
"@id": "CVE-2013-3640",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2014-5322",
"@id": "CVE-2014-5322",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "FileMaker Pro vulnerable to cross-site scripting"
}
jvndb-2007-000807
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
FileMaker cross-site scripting vulnerability
Details
FileMaker from FileMaker, Inc. contains a cross-site scripting vulnerability.
FileMaker is database software from FileMaker, Inc.
FileMaker contains a cross-site scripting vulnerability in its "Instant Web Publishing" function that enables users to publish database contents on the web.
References
| Type | URL | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000807.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "FileMaker from FileMaker, Inc. contains a cross-site scripting vulnerability.\r\n\r\nFileMaker is database software from FileMaker, Inc.\r\nFileMaker contains a cross-site scripting vulnerability in its \"Instant Web Publishing\" function that enables users to publish database contents on the web.",
"link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000807.html",
"sec:cpe": [
{
"#text": "cpe:/a:claris:filemaker",
"@product": "FileMaker",
"@vendor": "Claris International Inc. (formerly FileMaker, Inc)",
"@version": "2.2"
},
{
"#text": "cpe:/a:claris:filemaker_pro",
"@product": "FileMaker Pro",
"@vendor": "Claris International Inc. (formerly FileMaker, Inc)",
"@version": "2.2"
},
{
"#text": "cpe:/a:claris:filemaker_server",
"@product": "FileMaker Server",
"@vendor": "Claris International Inc. (formerly FileMaker, Inc)",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2007-000807",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN55833292/index.html",
"@id": "JVN#55833292",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6104",
"@id": "CVE-2007-6104",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6104",
"@id": "CVE-2007-6104",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/27750",
"@id": "SA27750",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/26515",
"@id": "26515",
"@source": "BID"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/38600",
"@id": "38600",
"@source": "XF"
},
{
"#text": "http://www.frsirt.com/english/advisories/2007/3937",
"@id": "FrSIRT/ADV-2007-3937",
"@source": "FRSIRT"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "FileMaker cross-site scripting vulnerability"
}