OSVDB: Open Sourced Vulnerability Database

Affiliation/Organization: ProCheckUp

Time to Patch Stats

For vulnerabilities disclosed through this affiliation where we have sufficient data to calculate the time to patch (27 vulns), the following statistics apply:

Min Time To Patch:	16 days
Avg Time To Patch:	212 days
Max Time To Patch:	295 days

Other Affiliations

Creditees Affiliated with ProCheckUp have also affiliated with:

Website: http://www.procheckup.com/

Creditees currently or formerly associated with ProCheckUp (3):
(ordered by association date)

Known Since	Name	Vulns Through Affiliation
2010-05-21	Richard Brain	50
2010-12-14	ProCheckUp Ltd	10
2010-12-21	Jan Fry	6

Disclosed Vulnerabilities (62):

Discl. Date	OSVDB ID	CVE ID	Creditees	Title
2011-10-16	76674		Richard Brain	Check Point UTM-1 Edge / Safe@Office UfpBlock.html backurl Parameter Arbitrary Site Redirect
2011-10-16	76672		Richard Brain	Check Point UTM-1 Edge / Safe@Office pub/ufp.html url Parameter XSS
2011-10-16	76675		Richard Brain	Check Point UTM-1 Edge / Safe@Office WebUI /pub/test.html url Parameter Information Disclosure
2011-10-16	87240		Richard Brain	Check Point UTM-1 Edge / Safe@Office Login Page Session Cookie XSS
2011-10-16	87243		Richard Brain	Check Point UTM-1 Edge / Safe@Office diag_command.html sw__custom Parameter XSS
2011-10-16	87242		Richard Brain	Check Point UTM-1 Edge / Safe@Office UfpBlock.html ufpblockterms Parameter XSS
2011-10-16	87241		Richard Brain	Check Point UTM-1 Edge / Safe@Office HotSpot.html hotspotterms Parameter XSS
2011-10-16	76673		Richard Brain	Check Point UTM-1 Edge / Safe@Office Unspecified CSRF
2011-05-16	72428		Richard Brain	Mitel Audio and Web Conferencing wd/wdinvite.asp SID Parameter XSS
2011-05-16	72429		Richard Brain	Mitel Audio and Web Conferencing wd/connect.asp Multiple Parameter XSS
2011-05-16	72430		Richard Brain	Mitel Audio and Web Conferencing wd/applets/Error.asp type Parameter XSS
2011-05-09	72387		Richard Brain	Keyfax Customer Response Management keyfax32/test/response.asp co Parameter XSS
2011-05-09	72388		Richard Brain	Keyfax Customer Response Management keyfax32/rs/main_rs.asp C Parameter XSS
2011-05-09	72389		Richard Brain	Keyfax Customer Response Management Multiple Configuration File Cleartext Credential Remote Disclosure
2011-05-05	72321		Richard Brain	BMC Remedy Knowledge Management external.jsp doc Parameter XSS
2011-05-05	72322		Richard Brain	BMC Remedy Knowledge Management viewdoc.jsp doc Parameter XSS
2011-05-05	72323		Richard Brain	BMC Remedy Knowledge Management search.jsp startDate Parameter XSS
2011-05-05	72324		Richard Brain	BMC Remedy Knowledge Management usersettings.jsp URI XSS
2011-05-05	72325		Richard Brain	BMC Remedy Knowledge Management AttachmentServlet URI XSS
2011-05-05	72371		Richard Brain Jan Fry	BMC Dashboards for BSM bmc_help2u/help_services/html URI XSS
2011-05-05	72372		Richard Brain Jan Fry	BMC Dashboards for BSM bmc_help2u/servlet/helpServlet2u msg Parameter XSS
2011-05-05	72373		Richard Brain Jan Fry	BMC Dashboards for BSM bsmdashboards/messagebroker/amfsecure XSS
2011-05-05	72374		Richard Brain Jan Fry	BMC Dashboards for BSM Bundled Adobe BlazeDS Traversal Arbitrary File Upload
2011-05-05	72375		Richard Brain Jan Fry	BMC Dashboards for BSM bmc_help2u/help_services/html/index.htm URL Parameter Spoofing Weakness
2011-03-14	75313	2011-0580	Richard Brain	Adobe ColdFusion Administrator Console /administrator/archives/index.cfm browsesubmit Parameter XSS
2011-03-14	75314	2011-0580	Richard Brain	Adobe ColdFusion Administrator Console /administrator/datasources/derbyEmbedded.cfm dsn Parameter XSS
2011-03-14	75315	2011-0580	Richard Brain	Adobe ColdFusion Administrator Console /administrator/extensions/corbaedit.cfm URI XSS
2011-03-14	75316	2011-0580	Richard Brain	Adobe ColdFusion Administrator Console /administrator/logviewer/searchlog.cfm logfile Parameter XSS
2011-03-14	75318	2011-0580	Richard Brain	Adobe ColdFusion Administrator Console /administrator/settings/jvm.cfm browsesubmit Parameter XSS
2011-03-14	75317	2011-0580	Richard Brain	Adobe ColdFusion Administrator Console /administrator/settings/fonts.cfm Multiple Parameter XSS
2011-03-14	75319	2011-0580	Richard Brain	Adobe ColdFusion Administrator Console /administrator/settings/mappings.cfm browsesubmit Parameter XSS
2011-03-14	75320	2011-0580	Richard Brain	Adobe ColdFusion Administrator Console /administrator/settings/version.cfm browsesubmit Parameter XSS
2011-03-14	75321	2011-0580	Richard Brain	Adobe ColdFusion Administrator Console /administrator/analyzer/index.cfm browsesubmit Parameter XSS
2011-03-14	75322	2011-0580	Richard Brain	Adobe ColdFusion Administrator Console /administrator/archives/index.cfm browsesubmit Parameter XSS
2011-03-14	75323	2011-0580	Richard Brain	Adobe ColdFusion Administrator Console /administrator/extensions/corbaedit.cfm URI XSS
2011-03-14	75324	2011-0580	Richard Brain	Adobe ColdFusion Administrator Console /administrator/logviewer/searchlog.cfm logfile Parameter XSS
2011-03-14	75325	2011-0580	Richard Brain	Adobe ColdFusion Administrator Console /administrator/extensions/appletedit.cfm method Parameter XSS
2011-03-14	75326	2011-0580	Richard Brain	Adobe ColdFusion Administrator Console /administrator/extensions/cfx_cppedit.cfm PROCEDURE Parameter XSS
2011-03-14	75327	2011-0580	Richard Brain	Adobe ColdFusion Administrator Console /administrator/eventgateway/gatewaytypes.cfm typename Parameter XSS
2011-03-14	75328	2011-0580	Richard Brain	Adobe ColdFusion Administrator Console /administrator/settings/clientvariables.cfm action Parameter XSS
2011-03-14	75329	2011-0580	Richard Brain	Adobe ColdFusion Administrator Console /administrator/datasources/index.cfm locale Parameter XSS
2011-03-14	75330	2011-0580	Richard Brain	Adobe ColdFusion Administrator Console /administrator/j2eepackaging/editarchive.cfm locale Parameter XSS
2011-03-14	75331	2011-0580	Richard Brain	Adobe ColdFusion Administrator Console /administrator/settings/charting.cfm browsesubmit Parameter XSS
2011-02-08	70899	2011-0580	Richard Brain HongZhen Zhou Tenable Network Security Bogdan Calin Michael Dominice	Adobe ColdFusion Administrator Console Multiple Unspecified XSS
2010-12-21	69934		Jan Fry	Mitel Audio and Web Conferencing (AWC) awcuser/cgi-bin/vcs xsl Parameter Arbitrary Command Injection
2010-12-21	74945		Richard Brain	Viva Thumbs Plugin for WordPress Multiple Script filename Parameter Traversal File Existence Enumeration
2010-12-14	69991		ProCheckUp Ltd	BlogCFC tags/podlayout.cfm ATTRIBUTES.TITLE Parameter XSS
2010-12-14	69941	2010-4111	ProCheckUp Ltd	HP Insight Diagnostics Online Edition hpdiags/frontend2/help/search.php query Parameter XSS
2010-12-14	69977	2010-4112	ProCheckUp Ltd	HP Insight Management Agents hmanics/hmanics.snmp.php Path Disclosure
2010-12-14	69992		ProCheckUp Ltd	BlogCFC tags/textarea.cfm attributes.class Parameter XSS
2010-12-14	69993		ProCheckUp Ltd	BlogCFC tags/getpods.cfm URL XSS
2010-12-14	69994		ProCheckUp Ltd	BlogCFC includes/pods/subscribe.cfm Multiple Parameter XSS
2010-12-14	69995		ProCheckUp Ltd	BlogCFC index.cfm Multiple Parameter XSS
2010-12-14	69996		ProCheckUp Ltd	BlogCFC search.cfm URL XSS
2010-12-14	69997		ProCheckUp Ltd	BlogCFC stats.cfm URL XSS
2010-12-14	69998		ProCheckUp Ltd	BlogCFC statsbyyear.cfm URL XSS
2010-12-13	69938		Richard Brain	Mura CMS admin/view/layouts/template.cfm fusebox.ajax Parameter XSS
2010-12-13	69939		Richard Brain	Mura CMS default/includes/email/inc_email.cfm rsEmail.site Parameter XSS
2010-12-03	69686	2010-4514	Richard Brain	DotNetNuke Install/InstallWizard.aspx __VIEWSTATE Parameter XSS
2010-08-30	67748	2010-3003	Richard Brain	HP Insight Diagnostics Online Edition on Linux parameters.php device Parameter XSS
2010-05-21	64844	2010-2103	Richard Brain	Apache Axis2/Java axis2/axis2-admin/engagingglobally modules Parameter XSS
2009-01-14	51394	2008-3821		Cisco IOS HTTP Server URL Strings Unspecified XSS

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

Creditees currently or formerly associated with ProCheckUp (3):(ordered by association date)

Disclosed Vulnerabilities (62):

Creditees currently or formerly associated with ProCheckUp (3):
(ordered by association date)