GCVE - cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*

part: h version: * update: *

Vendor	Bluecoat (`f1fecdf9-77b6-50ef-a95c-e283dc1e2cf5`)
Product	Proxysg (`86b955d0-3c2e-57c1-9d6b-ba1ad4984427`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2010-5192`	vulnerable	2026-06-03 14:30:45.415615	Details available Cross-site scripting (XSS) vulnerability in the Java Management Console in Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: 2012-08-26T19:00:00.000Z Updated: 2024-08-07T04:09:39.307Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2010/2562 https://kb.bluecoat.com/index?page=content&id=SA47 https://exchange.xforce.ibmcloud.com/vulnerabilities/62240 http://www.osvdb.org/68322 http://www.securityfocus.com/bid/43675	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-5190`	vulnerable	2026-06-03 14:30:45.408478	Details available The Active Content Transformation functionality in Blue Coat ProxySG before SGOS 4.3.4.2, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.2.1 allows remote attackers to bypass JavaScript detection via HTML entities. Published: 2012-08-26T19:00:00.000Z Updated: 2024-09-16T22:41:25.454Z Open on db.gcve.eu Reference links https://kb.bluecoat.com/index?page=content&id=SA48	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-5189`	vulnerable	2026-06-03 14:30:45.391771	Details available Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote authenticated users to execute arbitrary CLI commands by leveraging read-only administrator privileges and establishing an HTTPS session. Published: 2012-08-26T19:00:00.000Z Updated: 2024-09-17T03:07:04.023Z Open on db.gcve.eu Reference links https://kb.bluecoat.com/index?page=content&id=SA45	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-1211`	vulnerable	2026-06-03 14:29:28.563570	Details available Blue Coat ProxySG, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header. Published: 2009-04-01T10:00:00.000Z Updated: 2024-09-17T04:09:14.663Z Open on db.gcve.eu Reference links https://hypersonic.bluecoat.com/support/securityadvisories/ProxySG_in_transparent_deployments http://www.securitytracker.com/id?1021781	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-0112`	vulnerable	2026-06-03 14:26:34.327458	Details available The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. Published: 2004-03-18T05:00:00.000Z Updated: 2024-08-08T00:10:03.359Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/9899 http://marc.info/?l=bugtraq&m=108403806509920&w=2 http://www.redhat.com/support/errata/RHSA-2004-121.html http://www.mandriva.com/security/advisories?name=MDKSA-2004:023 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-0081`	vulnerable	2026-06-03 14:26:34.216231	Details available OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. Published: 2004-03-18T05:00:00.000Z Updated: 2024-08-08T00:01:23.650Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/9899 http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html http://marc.info/?l=bugtraq&m=107955049331965&w=2 http://www.redhat.com/support/errata/RHSA-2004-121.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-0079`	vulnerable	2026-06-03 14:26:34.177002	Details available The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. Published: 2004-03-18T05:00:00.000Z Updated: 2025-01-16T17:33:22.869Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/9899 http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html http://marc.info/?l=bugtraq&m=108403806509920&w=2 http://www.redhat.com/support/errata/RHSA-2004-121.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.