EUVD-2002-0725

Malware in sbrugna...

Buffer overflow

Buffer overflow in Apple Quicktime Player 7.3.1.70 and other versions before 7.4.1, when RTSP tunneling is enabled, allows remote attackers to execute arbitrary code via a long Reason-Phrase response to an rtsp:// request, as demonstrated using a 404 error message...

CVE-2008-0234

Buffer overflow in Apple Quicktime Player 7.3.1.70 and other versions before 7.4.1, when RTSP tunneling is enabled, allows remote attackers to execute arbitrary code via a long Reason-Phrase response to an rtsp:// request, as demonstrated using a 404 error message...

CVE-2002-1700

CVE-2002-1700 describes a cross-site scripting (XSS) flaw in the missing template handler of Macromedia ColdFusion MX. The vulnerability arises because the HTTP request parameter for the template name is not filtered, allowing an attacker to inject script that is echoed in a 404 error message and...

Microsoft Internet Explorer 6.0 SP2 - File Download Security Warning Bypass

Orginal Advisory and exploit by cyberflash Vengy Circumvent Windows XP SP2 security features using execCommand 'SaveAs' function! Demonstration: Notice that you don't receive any warning messages such as: "File Download - Security Warning" or "Open File - Security Warning". If "Hide file extensio...

CVE-2002-0733

CVE-2002-0733 is a cross-site scripting vulnerability in thttpd 2.20 and earlier. The issue arises when a crafted URL to a nonexistent page is inserted into a 404 error page, enabling remote attackers to execute arbitrary script in the context of the user viewing the error page. The connected dat...

CVE-2002-1700

Cross-site scripting vulnerability XSS in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message...

Apache Host: crossite scripting

404 error message contains unescaped Host: header of HTTP request...