2442 matches found
CVE-2011-4512
CRLF injection vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 aka TIA portal before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows...
CVE-2011-4512
CVE-2011-4512 is a CRLF/header-injection vulnerability in the Siemens SIMATIC WinCC/HMI web server. Affected products include WinCC flexible 2004/2005/2007/2008 before SP3; WinCC V11 (TIA Portal) before SP2 Update 1; multiple SIMATIC HMI panels (TP/OP/MP/Comfort/Mobile); WinCC V11 Runtime Advance...
CVE-2012-0310
CRLF injection vulnerability in Cogent DataHub 7.1.2 and earlier, Cascade DataHub 6.4.20 and earlier, and OPC DataHub 6.4.20 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...
CVE-2012-0310
CRLF injection vulnerability in Cogent DataHub 7.1.2 and earlier, Cascade DataHub 6.4.20 and earlier, and OPC DataHub 6.4.20 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...
CVE-2012-0310
CVE-2012-0310 is a CRLF/header injection vulnerability in Cogent DataHub (7.1.2 and earlier), Cascade DataHub (6.4.20 and earlier), and OPC DataHub (6.4.20 and earlier). The issue allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via unspecified vectors....
JVN#63249231: Cogent DataHub vulnerable to HTTP header injection
Cogent DataHub provided by Cogent Real-Time Systems Inc. contains a HTTP header injection vulnerability also known as CRLF, carriage return line feed, injection vulnerability. Impact If a remote attacker sends a crafted HTTP header to a vulnerable system, forged information may be displayed on th...
Mozilla Multiple Products Multiple Location Headers HTTP Response Splitting (CVE-2011-3000)
An HTTP response splitting vulnerability has been reported in Mozilla Firefox, Thunderbird and SeaMonkey. The vulnerability is due to an error in the way the applications handle HTTP responses with multiple location headers. A remote attacker may exploit this vulnerability by enticing users to op...
CVE-2011-4203
CRLF injection vulnerability in calendar/set.php in the Calendar component in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, 2.1.x before 2.1.3, and 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors involving the url variable...
CVE-2011-4203
CRLF injection vulnerability in calendar/set.php in the Calendar component in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, 2.1.x before 2.1.3, and 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors involving the url variable...
CVE-2011-4203
CRLF injection vulnerability in calendar/set.php in the Calendar component in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, 2.1.x before 2.1.3, and 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors involving the url variable...
CVE-2011-4203
The CVE-2011-4203 issue affects Moodle’s Calendar component, specifically calendar/set.php. The root cause is a CRLF injection via the url parameter, allowing remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting. Affected versions are Moodle 1.9.x before 1.9.15, 2...
CentOS Update for perl CESA-2011:1797 centos4 i386
Check for the Version of perl OpenVAS Vulnerability Test CentOS Update for perl CESA-2011:1797 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
CentOS Update for perl CESA-2011:1797 centos5 i386
Check for the Version of perl OpenVAS Vulnerability Test CentOS Update for perl CESA-2011:1797 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
perl security update
CentOS Errata and Security Advisory CESA-2011:1797 Updated perl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS...
RedHat Update for perl RHSA-2011:1797-01
Check for the Version of perl OpenVAS Vulnerability Test RedHat Update for perl RHSA-2011:1797-01 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
RedHat Update for perl RHSA-2011:1797-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Moderate: Red Hat Security Advisory: perl security update
Updated perl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...
Crlf injection
CRLF injection vulnerability in admin/displayImage.php in Prestashop 1.4.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the name parameter...
CVE-2011-4545
CRLF injection vulnerability in admin/displayImage.php in Prestashop 1.4.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the name parameter...
CVE-2011-4545
The CVE refers to a CRLF injection in Prestashop 1.4.4.1, specifically in admin/displayImage.php, exploitable via the name parameter to inject arbitrary HTTP headers and conduct HTTP response splitting. The NVD entry lists a base score of 5.0 (Medium) with network attack vector, low complexity, n...