CVE-2008-2405
Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in HTTP requests to unspecified ASP applications...
Code injection
Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in HTTP requests to unspecified ASP applications...
Code injection
Unspecified vulnerability in Interchange before 5.6.0 and before 5.5.2 allows remote attackers to cause a denial of service via crafted HTTP requests. NOTE: this might overlap CVE-2007-2635...
CVE-2008-2423
Unspecified vulnerability in Interchange before 5.6.0 and before 5.5.2 allows remote attackers to cause a denial of service via crafted HTTP requests. NOTE: this might overlap CVE-2007-2635...
CVE-2008-2423
Interchange vulnerability CVE-2008-2423 affects Interchange prior to 5.6.0 and prior to 5.5.2, allowing remote DoS via crafted HTTP requests. Root cause not detailed in the provided documents. Impact is denial of service; no exploitation status is stated. Remediation indicated by the references i...
mantis -- multiple vulnerabilities
Secunia reports: Some vulnerabilities have been reported in Mantis, which can be exploited by malicious users to compromise a vulnerable system and malicious people to conduct cross-site scripting and request forgery attacks. Input passed to the "filtertarget" parameter in returndynamicfilters.ph...
Adobe Flash Player: Multiple vulnerabilities
Background The Adobe Flash Player is a renderer for the popular SWF file format, which is commonly used to provide interactive websites, digital experiences and mobile content. Description Multiple vulnerabilities have been discovered in Adobe Flash: Secunia Research and Zero Day Initiative...
CVE-2008-1854
The CVE-2008-1854 entry applies to SmarterMail Web Server (SMWebSvr.exe) in SmarterMail version 5.0.2999, where a denial-of-service (service termination) can be triggered by processing excessively long HTTP requests of several methods (GET, HEAD, PUT, POST, TRACE). The available connected documen...
CVE-2008-1854
Unspecified vulnerability in SmarterMail Web Server (SMWebSvr.exe) in SmarterMail 5.0.2999 allows remote attackers to cause a denial of service (service termination) via a long HTTP (1) GET, (2) HEAD, (3) PUT, (4) POST, or (5) TRACE request. NOTE: the provenance of this information is unknown; the details are...
Memory corruption
WebContainer.exe 1.0.0.336 and earlier in SLMail Pro 6.3.1.0 and earlier allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a long URI in HTTP requests to TCP port 801. NOTE: some of these details are obtained from third...
CVE-2008-1690
CVE-2008-1690 affects WebContainer.exe version 1.0.0.336 and earlier bundled with SLMail Pro 6.3.1.0 and earlier. The issue allows remote attackers to trigger a denial of service (memory corruption and daemon crash) and potentially execute arbitrary code by sending a long URI in HTTP requests to ...
SmarterTools SmarterMail 5.0 - HTTP Request Handling Denial of Service
SmarterTools SmarterMail 5.0 - HTTP Request Handling Denial of Service source: https://www.securityfocus.com/bid/28610/info SmarterTools SmarterMail is prone to a denial-of-service vulnerability when handling specially crafted HTTP GET, HEAD, PUT, POST, and TRACE requests. When the server...
ChilkatHttp ActiveX 2.3 - Arbitrary Files Overwrite
ChilkatHttp ActiveX 2.3 Arbitrary Files Overwrite url: www.chilkatsoft.com Author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org This was written for educational purpose. Use it at your own risk...
Microsoft Crypto API X.509 Certificate Validation - Remote Information Disclosure
Microsoft Crypto API X.509 Certificate Validation - Remote Information Disclosure source: https://www.securityfocus.com/bid/28548/info Microsoft's Crypto API library is prone to an information-disclosure vulnerability because HTTP requests to arbitrary hosts and ports may be automatically trigger...
CVE-2008-1528
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), allow remote authenticated users to obtain authentication data by making direct HTTP requests and then reading the HTML source, as demonstrated by a request for (1) RemMagSNMP.html, which...
Authentication flaw
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), allow remote authenticated users to obtain authentication data by making direct HTTP requests and then reading the HTML source, as demonstrated by a request for (1) RemMagSNMP.html, which...