Rapid7 Security Advisories
We release vulnerability reports as part of our ongoing research into computer security. Below are the public announcements made so far.
Advisories
- R7-0033: Apache HTTP Server mod_proxy_ftp Wildcard Characters Cross-Site Scripting; Aug 5, 2008; CVE-2008-2939
- R7-0032: Microsoft Internet Explorer FTP Command Injection Vulnerability; Mar 10, 2008
- R7-0031: JFreeChart Image Map Cross-Site Scripting Vulnerabilities; Dec 6, 2007
- R7-0030: Caucho Resin Multiple Path Disclosure Vulnerabilities; May 14, 2007; CVE-2007-2441
- R7-0029: Caucho Resin Web Application Directory Traversal; May 14, 2007; CVE-2007-2440
- R7-0028: Caucho Resin World Readable DOS Device; May 14, 2007; CVE-2007-2439
- R7-0027: Denial-of-Service in the Xrender Extension's Trapezoid Drawing Routines; April 30, 2007; CVE-2007-2437
Supporting Material
- The example ZIP files associated with Rapid7 Advisory R7-0004 are available for download.