Show filters
6 Total Results
Displaying 1-6 of 6
Sort by:
Attacker Value
Unknown
CVE-2021-28091
Disclosure Date: June 04, 2021 (last updated February 22, 2025)
Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature.
0
Attacker Value
Unknown
CVE-2015-1783
Disclosure Date: August 11, 2017 (last updated November 26, 2024)
The prefix variable in the get_or_define_ns function in Lasso before commit 6d854cef4211cdcdbc7446c978f23ab859847cdd allows remote attackers to cause a denial of service (uninitialized memory access and application crash) via unspecified vectors.
0
Attacker Value
Unknown
CVE-2009-0050
Disclosure Date: January 07, 2009 (last updated October 04, 2023)
Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
0
Attacker Value
Unknown
CVE-2005-2605
Disclosure Date: August 17, 2005 (last updated February 22, 2025)
Unknown vulnerability in Lasso Professional Server8.0.4 and 8.0.5 allows attackers to bypass authentication, related to [Auth] tags.
0
Attacker Value
Unknown
CVE-2002-2118
Disclosure Date: December 31, 2002 (last updated February 22, 2025)
Buffer overflow in Blue World Lasso Web Data Engine 3.6.5 allows remote attackers to cause a denial of service via a long URL.
0
Attacker Value
Unknown
CVE-1999-1250
Disclosure Date: August 19, 1997 (last updated February 22, 2025)
Vulnerability in CGI program in the Lasso application by Blue World, as used on WebSTAR and other servers, allows remote attackers to read arbitrary files.
0
