Refine your search
2 vulnerabilities found for FileMaker Pro Advanced by Claris International Inc. (formerly FileMaker, Inc)
jvndb-2014-000114
Vulnerability from jvndb
Published
2014-09-18 20:36
Modified
2014-09-24 18:47
Summary
FileMaker Pro fails to verify SSL server certificates
Details
FileMaker Pro contains a function to encrypt communications with the FileMaker Server. FileMaker Pro fails to verify the SSL server certificate.
NOTE: This vulnerability exists because of an incomplete fix for CVE-2013-2319.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000114.html",
"dc:date": "2014-09-24T18:47+09:00",
"dcterms:issued": "2014-09-18T20:36+09:00",
"dcterms:modified": "2014-09-24T18:47+09:00",
"description": "FileMaker Pro contains a function to encrypt communications with the FileMaker Server. FileMaker Pro fails to verify the SSL server certificate.\r\n\r\nNOTE: This vulnerability exists because of an incomplete fix for CVE-2013-2319.",
"link": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000114.html",
"sec:cpe": [
{
"#text": "cpe:/a:claris:filemaker_pro",
"@product": "FileMaker Pro",
"@vendor": "Claris International Inc. (formerly FileMaker, Inc)",
"@version": "2.2"
},
{
"#text": "cpe:/a:claris:filemaker_pro_advanced",
"@product": "FileMaker Pro Advanced",
"@vendor": "Claris International Inc. (formerly FileMaker, Inc)",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "4.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2014-000114",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN85812843/index.html",
"@id": "JVN#85812843",
"@source": "JVN"
},
{
"#text": "http://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000048.html",
"@id": "JVNDB-2013-000048",
"@source": "JVN iPedia"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5321",
"@id": "CVE-2014-5321",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5321",
"@id": "CVE-2014-5321",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "FileMaker Pro fails to verify SSL server certificates"
}
jvndb-2014-000113
Vulnerability from jvndb
Published
2014-09-18 20:36
Modified
2015-05-22 11:37
Summary
FileMaker Pro vulnerable to cross-site scripting
Details
FileMaker Pro contains an "Instant Web Publishing" function. When this function is enabled, FileMaker Pro is vulnerable to cross-scripting.
NOTE: This vulnerability exists because of an incomplete fix for CVE-2013-3640.
References
| Type | URL | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000113.html",
"dc:date": "2015-05-22T11:37+09:00",
"dcterms:issued": "2014-09-18T20:36+09:00",
"dcterms:modified": "2015-05-22T11:37+09:00",
"description": "FileMaker Pro contains an \"Instant Web Publishing\" function. When this function is enabled, FileMaker Pro is vulnerable to cross-scripting.\r\n\r\nNOTE: This vulnerability exists because of an incomplete fix for CVE-2013-3640.",
"link": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000113.html",
"sec:cpe": [
{
"#text": "cpe:/a:claris:filemaker_pro",
"@product": "FileMaker Pro",
"@vendor": "Claris International Inc. (formerly FileMaker, Inc)",
"@version": "2.2"
},
{
"#text": "cpe:/a:claris:filemaker_pro_advanced",
"@product": "FileMaker Pro Advanced",
"@vendor": "Claris International Inc. (formerly FileMaker, Inc)",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2014-000113",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN53579095/index.html",
"@id": "JVN#53579095",
"@source": "JVN"
},
{
"#text": "http://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000049.html",
"@id": "JVNDB-2013-000049",
"@source": "JVN iPedia"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5322",
"@id": "CVE-2014-5322",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5322",
"@id": "CVE-2014-5322",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "FileMaker Pro vulnerable to cross-site scripting"
}