95 matches found
CVE-2001-1450
Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause a denial of service browser crash via a crafted FTP URL such as "/../"...
CVE-2001-1450
CVE-2001-1450 affects Microsoft Internet Explorer 5.0–6.0. A crafted FTP URL such as "/.#./" can cause a denial of service (browser crash). Documents do not provide exploitation details or remediation/patch information.
CVE-2004-0989
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 libxml2, and possibly other versions, may allow remote attackers to execute arbitrary code via 1 a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, 2 a long proxy URL containing FTP data that is not properly handled...
CVE-2004-0989
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 libxml2, and possibly other versions, may allow remote attackers to execute arbitrary code via 1 a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, 2 a long proxy URL containing FTP data that is not properly handled...
CVE-2004-0989
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 libxml2, and possibly other versions, may allow remote attackers to execute arbitrary code via 1 a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, 2 a long proxy URL containing FTP data that is not properly handled...
RHEL 2.1 / 3 : libxml (RHSA-2004:650)
An updated libxml package that fixes multiple buffer overflows is now available. Updated 24 May 2005 Multilib packages have been added to this advisory The libxml package contains a library for manipulating XML files. Multiple buffer overflow bugs have been found in libxml versions prior to 2.6.1...
CVE-2004-0989
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 libxml2, and possibly other versions, may allow remote attackers to execute arbitrary code via 1 a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, 2 a long proxy URL containing FTP data that is not properly handled...
CVE-2004-0989
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 libxml2, and possibly other versions, may allow remote attackers to execute arbitrary code via 1 a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, 2 a long proxy URL containing FTP data that is not properly handled...
CVE-2004-1948
NcFTP client 3.1.6 and 3.1.7, when the username and password are included in an FTP URL that is provided on the command line, allows local users to obtain sensitive information via "ps aux," which displays the URL in the process list...
CVE-2004-1948
NcFTP client 3.1.6 and 3.1.7, when the username and password are included in an FTP URL that is provided on the command line, allows local users to obtain sensitive information via "ps aux," which displays the URL in the process list...
Microsoft Internet Explorer vulnerable to DoS via crafted ftp:// URL
Overview Microsoft Internet Explorer has a vulnerability that may cause the program to crash when opening some FTP URL's. Description Microsoft Internet Explorer with Browsing Enhancements installed by default on some versions of Windows may crash when opening an FTP URL containing '' or '&'...
Microsoft Internet Explorer 5/6 - FTP Web View Cross-Site Scripting
source: https://www.securityfocus.com/bid/4954/info A cross site scripting issue has been reported with some versions of Microsoft Internet Explorer for Windows. Under some configurations, data included within a FTP URL will be rendered as displayed content, allowing the execution of arbitrary...
Microsoft Internet Explorer 56 - FTP Web View Cross-Site Scripting
Microsoft Internet Explorer 56 - FTP Web View Cross-Site Scripting source: https://www.securityfocus.com/bid/4954/info A cross site scripting issue has been reported with some versions of Microsoft Internet Explorer for Windows. Under some configurations, data included within a FTP URL will be...
Squid 2.0-4 - Cache FTP Proxy URL Buffer Overflow
// source: https://www.securityfocus.com/bid/4148/info A buffer overflow exists in the Squid proxy server's FTP URL handling. If a user has the ability to use the Squid process to proxy FTP requests, it may be possible for the user make a malicious request. By sending a custom-crafted ftp:// URL...
CVE-2001-1450
Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause a denial of service browser crash via a crafted FTP URL such as "/../"...