Lucene search
K

35 matches found

Amazon
Amazon
added 2011/10/10 12:0 a.m.29 views

Medium: perl-FCGI

Issue Overview: The FCGI aka Fast CGI module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers. Affected Packages: perl-FCGI Issu...

7.5CVSS7.1AI score0.07238EPSS
Exploits1
Prion
Prion
added 2011/09/23 10:55 a.m.15 views

Authentication flaw

The FCGI aka Fast CGI module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers...

7.5CVSS7.3AI score0.07238EPSS
Exploits1References11Affected Software2
Debian CVE
Debian CVE
added 2011/09/23 10:0 a.m.21 views

CVE-2011-2766

The FCGI aka Fast CGI module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers...

7.5CVSS6.7AI score0.07238EPSS
Exploits1
Cvelist
Cvelist
added 2011/03/08 9:0 p.m.23 views

CVE-2011-0344

Multiple stack-based buffer overflows in unspecified CGI programs in the Unified Maintenance Tool web interface in the embedded web server in the Communication Server CS in Alcatel-Lucent OmniPCX Enterprise before R9.0 H1.301.50 allow remote attackers to execute arbitrary code via crafted HTTP...

7.9AI score0.02318EPSS
Exploits0References6
Prion
Prion
added 2010/04/01 10:30 p.m.18 views

Security feature bypass

Google Chrome before 4.1.249.1036 processes HTTP headers before invoking the SafeBrowsing feature, which allows remote attackers to have an unspecified impact via crafted headers...

7.5CVSS7.1AI score0.014EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2009/11/05 4:30 p.m.19 views

CVE-2009-3877

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to cause a denial of service memory consumption via crafted HTTP headers, which are not...

5CVSS6.2AI score0.04813EPSS
Exploits1References24
EUVD
EUVD
added 2009/11/05 4:0 p.m.4 views

EUVD-2009-3848

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to cause a denial of service memory consumption via crafted HTTP headers, which are not...

5CVSS6.3AI score0.04813EPSS
Exploits1References36
Cvelist
Cvelist
added 2009/11/05 4:0 p.m.31 views

CVE-2009-3877

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to cause a denial of service memory consumption via crafted HTTP headers, which are not...

6.1AI score0.04813EPSS
Exploits1References24
NVD
NVD
added 2007/09/28 12:17 a.m.22 views

CVE-2007-4880

Buffer overflow in the Client Acceptor Daemon CAD, dsmcad.exe, in certain IBM Tivoli Storage Manager TSM clients 5.1 before 5.1.8.1, 5.2 before 5.2.5.2, 5.3 before 5.3.5.3, and 5.4 before 5.4.1.2 allows remote attackers to execute arbitrary code via crafted HTTP headers, aka IC52905...

10CVSS7.6AI score0.75945EPSS
Exploits9References11
Cvelist
Cvelist
added 2007/09/28 12:0 a.m.23 views

CVE-2007-4880

Buffer overflow in the Client Acceptor Daemon CAD, dsmcad.exe, in certain IBM Tivoli Storage Manager TSM clients 5.1 before 5.1.8.1, 5.2 before 5.2.5.2, 5.3 before 5.3.5.3, and 5.4 before 5.4.1.2 allows remote attackers to execute arbitrary code via crafted HTTP headers, aka IC52905...

7.6AI score0.75945EPSS
Exploits9References11
Prion
Prion
added 2007/04/10 9:19 p.m.19 views

Stack overflow

Stack-based buffer overflow in the Universal Plug and Play UPnP service in Microsoft Windows XP SP2 allows remote attackers on the same subnet to execute arbitrary code via crafted HTTP headers in request or notification messages, which trigger memory corruption...

6.8CVSS8.3AI score0.08838EPSS
Exploits0References9
CVE
CVE
added 2007/04/10 9:0 p.m.90 views

CVE-2007-1204

The CVE-2007-1204 issue affects Microsoft Windows XP SP2 with the UPnP service. It is a stack-based buffer overflow triggered by specially crafted HTTP headers in UPnP requests/notifications, allowing a remote attacker on the same subnet to execute arbitrary code in the context of the vulnerable ...

6.8CVSS7.9AI score0.08838EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2007/04/10 9:0 p.m.40 views

CVE-2007-1204

Stack-based buffer overflow in the Universal Plug and Play UPnP service in Microsoft Windows XP SP2 allows remote attackers on the same subnet to execute arbitrary code via crafted HTTP headers in request or notification messages, which trigger memory corruption...

7.9AI score0.08838EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2006/08/26 9:4 p.m.22 views

CVE-2006-3124

Buffer overflow in the HTTP header parsing in Streamripper before 1.61.26 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted HTTP headers...

7.5CVSS6.1AI score0.18678EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2006/08/26 10:0 a.m.29 views

CVE-2006-3124

Buffer overflow in the HTTP header parsing in Streamripper before 1.61.26 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted HTTP headers...

7.5CVSS7.2AI score0.18678EPSS
Exploits0
Rows per page
Query Builder