116 matches found
Ubuntu: Security Advisory (USN-786-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-787-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-786-1: apr-util vulnerabilities
Matthew Palmer discovered an underflow flaw in apr-util. An attacker could cause a denial of service via application crash in Apache using a crafted SVNMasterURI directive, .htaccess file, or when using modapreq2. Applications using libapreq2 are also affected. CVE-2009-0023 It was discovered tha...
FreeBSD Ports: apr
The remote host is missing an update to the system as announced in the referenced advisory. VID eb9212f7-526b-11de-bbf2-001b77d09812 OpenVAS Vulnerability Test $ Description: Auto generated from VID eb9212f7-526b-11de-bbf2-001b77d09812 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Mandrake Security Advisory MDVSA-2009:131 (apr-util)
The remote host is missing an update to apr-util announced via advisory MDVSA-2009:131. OpenVAS Vulnerability Test $Id: mdksa2009131.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:131 apr-util Authors: Thomas Reinke Copyright: Copyright c 2009 E-Sof...
Mandriva Linux Security Advisory : apr-util (MDVSA-2009:131)
Multiple security vulnerabilities has been identified and fixed in apr-util : The aprstrmatchprecompile function in strmatch/aprstrmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service daemon crash via crafted input involving 1 a .htaccess file used with the...
CVE-2009-1955
CVE-2009-1955 affects the Expact XML parser used by the apr_xml_* interface in xml/apr_xml.c of APR-util, with the vulnerability present in APR-util prior to 1.3.7. In Apache HTTP Server deployments that enable mod_dav and mod_dav_svn, a crafted XML document containing a large number of nested en...
CVE-2009-1955
creationtimestamp| type| source ---|---|--- 2009-06-01 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/8842...
CVE-2008-1955
CVE-2008-1955 : The vulnerability is an XSS flaw in the MyBoard 1.0.12 package, specifically in the file rep.php, where the id parameter can be exploited to inject arbitrary script/HTML. Public references (NVD, CVE listings) confirm this cross-site scripting issue; NVD notes a Medium base score o...
CVE-2008-1955
creationtimestamp| type| source ---|---|--- 2008-04-17 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/31658...
CVE-2007-1955
Multiple stack-based buffer overflows in the SignKorea SKCrypAX ActiveX control module 5.4.1.2 allow remote attackers to execute arbitrary code via a long string in unspecified arguments to the 1 DownloadCert, 2 DecryptFileByKey, and 3 EncryptFileByKey functions, a different module and vectors th...
CVE-2007-1955
Two CVEs concern SignKorea ActiveX controls and describe stack-based/buffer overflow vulnerabilities that enable remote code execution. CVE-2007-1955 affects SignKorea SKCrypAX ActiveX (module 5.4.1.2); the flaw is triggered by a long string argument to DownloadCert, DecryptFileByKey, or EncryptF...
CVE-2002-1955
Technical details (affected products, versions, root cause, or fixes) are not publicly provided in the supplied documents. Monitor for updates.
CVE-2005-1955
CVE-2005-1955 describes an XSS in index.php of singapore 0.9.11, exploitable via the gallery parameter. Root cause is insufficient sanitization of the gallery parameter, allowing remote attackers to inject arbitrary script/HTML. Impact is client-side script execution; session data exposure is pos...
CVE-2005-1955
Cross-site scripting XSS vulnerability in index.php in singapore 0.9.11 allows remote attackers to inject arbitrary web script or HTML via the gallery parameter...
CVE-2004-1955
The CVE-2004-1955 entry describes a SQL injection in the phProfession 2.5 package, specifically via the offset parameter in modules.php. Affected software: phProfession 2.5; vulnerable component: modules.php. Root cause: improper handling of the offset input enables arbitrary SQL execution by rem...