2460 matches found
Opera Browser 'Content-Length' Header Buffer Overflow Vulnerability - Linux
Opera Web Browser is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2010-1349
Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via a large Content-Length value, which triggers a heap overflow...
Integer overflow
Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via a large Content-Length value, which triggers a heap overflow...
CVE-2010-1349
Opera 10.10–10.50 contains a Content-Length header handling bug that can trigger a heap overflow, enabling remote code execution. Multiple connected advisories confirm a buffer/heap overflow vulnerability in Opera related to processing HTTP server replies and Content-Length values. Affected versi...
CVE-2010-1349
Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via a large Content-Length value, which triggers a heap overflow...
HTTP Content-Length header can be used to execute arbitrary code
Large values in the HTTP Content-Length header can cause Opera to crash. Certain specific values can cause a memory corruption, which in some cases can allow arbitrary code to be injected and executed. In most cases Opera will just crash. To inject code, additional techniques will have to be...
HTTP Content-Length header can be used to execute arbitrary code – Opera Security Advisories
HTTP Content-Length header can be used to execute arbitrary code – Opera Security Advisories OPCOM Team | March 17, 2010 Affected versions This vulnerability affects Opera for Microsoft Windows. Severity Highly Severe Description Large values in the HTTP Content-Length header can cause Opera to...
Debian DSA-2002-1 : polipo - denial of service
Several denial of service vulnerabilities have been discovered in polipo, a small, caching web proxy. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-3305 A malicous remote server could cause polipo to crash by sending an invalid Cache-Control heade...
Apache Tomcat mod_jk 1.2.0-1.2.26 Content Length信息泄露漏洞
No description provided by source...
PHP-Fusion Avatar_Studio Local File Inclusion
Tested on: Spanish version By modifying "avatarstudio" parameter at POST data at avatarstudio.php you can retrieve all images at that dir. Also using "avatarselect" you can add yourself a file as avatar which may not be .jpg Proof of concept: POST /infusions/avatarstudio/avatarstudio.php HTTP/1.1...
SOFT64 PHP Whois XSS Vulnerability
No description provided by source. Exploit Title: SOFT64 PHP Whois XSS Vulnerability Date: 24/12/2009 Author: bi0 Software Link: http://blog.soft64download.com/files/ajax-whois.rar /\ == \ /\ \ /\ \ \ \ \ \ \ \ \ /\ \ \ \ \ \ \ \ // // // 01000010 01101001 01001111...
Novell eDirectory HTTP Request Content-Length Heap Buffer Overflow (CVE-2008-4478)
Novell eDirectory is an X.500 and LDAP compatible directory server intended for use as a part of an identity management solution. The product is made available for multiple platforms including NetWare, Unix-like systems, and Windows. There exists a heap buffer overflow vulnerability in Novell...
mod_jk: session information leak
The JK Connector aka modjk 1.2.0 through 1.2.26 in Apache Tomcat allows remote attackers to obtain sensitive information via an arbitrary request from an HTTP client, in opportunistic circumstances involving 1 a request from a different client that included a Content-Length header but no POST dat...
Debian: Security Advisory (DSA-1914-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Integer overflow
Multiple heap-based buffer underflows in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x through 4.10.4 and 5.x before 5.4.2 allow remote attackers to execute arbitrary code via 1 a crafted Content-Length HTTP header or 2 a large HTTP request, related to an integer overflow tha...
DEBIAN-CVE-2009-2281
Multiple heap-based buffer underflows in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x through 4.10.4 and 5.x before 5.4.2 allow remote attackers to execute arbitrary code via 1 a crafted Content-Length HTTP header or 2 a large HTTP request, related to an integer overflow tha...
CA iTechnology iGateway Service Content-Length Buffer (CVE-2005-3653)
Numerous Computer Associates CA products incorporate shared components that perform common tasks not specific to any one product. One such component is the CA iGateway service. The iGateway service is an XML-based interface that integrates with storage management applications and facilitates...
帝国(EmpireCMS47) sql inject Exploit
No description provided by source. ?php printr" +------------------------------------------------------------------+ Exploit For EmpireCMS47 Just work as php=5&mysql=4.1 BY t00ls.net +------------------------------------------------------------------+ "; if $argc3 echo "Usage: php ".$argv0." host...
CVE-2008-7160
The silchttpserverparse function in lib/silchttp/silchttpserver.c in the internal HTTP server in silcd in Secure Internet Live Conferencing SILC Toolkit before 1.1.9 allows remote attackers to overwrite a stack location and possibly execute arbitrary code via a crafted Content-Length header,...
Format string
The silchttpserverparse function in lib/silchttp/silchttpserver.c in the internal HTTP server in silcd in Secure Internet Live Conferencing SILC Toolkit before 1.1.9 allows remote attackers to overwrite a stack location and possibly execute arbitrary code via a crafted Content-Length header,...