2442 matches found
CVE-2010-2761
The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...
CVE-2010-4410
CRLF injection vulnerability in the header function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline...
CVE-2010-3913
CRLF injection vulnerability in TransWARE Active! mail 6 build 6.40.010047750 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...
CVE-2010-3172
CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3, and 4.0.x before 4.0rc1, when Server Push is enabled in a web browser, allows remote attackers to inject arbitrary HTTP headers and content, and conduct HTTP response splitting attacks, via a crafted UR...
Crlf injection
CRLF injection vulnerability in TransWARE Active! mail 6 build 6.40.010047750 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...
CVE-2010-3172
CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3, and 4.0.x before 4.0rc1, when Server Push is enabled in a web browser, allows remote attackers to inject arbitrary HTTP headers and content, and conduct HTTP response splitting attacks, via a crafted UR...
CVE-2010-3913
CVE-2010-3913 affects TransWARE Active! mail 6 (build 6.40.010047750 and earlier). The vulnerability is a CRLF/HTTP header injection that can enable HTTP response splitting and allow remote attackers to inject headers. Documented impacts include falsified information being displayed and potential...
CVE-2010-3172
CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3, and 4.0.x before 4.0rc1, when Server Push is enabled in a web browser, allows remote attackers to inject arbitrary HTTP headers and content, and conduct HTTP response splitting attacks, via a crafted UR...
CVE-2010-3913
CRLF injection vulnerability in TransWARE Active! mail 6 build 6.40.010047750 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...
CVE-2010-3172
CVE-2010-3172 describes a CRLF injection/HTTP response-splitting vulnerability in Bugzilla when Server Push is enabled, allowing a crafted URL to inject arbitrary HTTP headers and content. Affected Bugzilla versions: 3.2.9 and later within 3.2.x; 3.4.x before 3.4.9; 3.6.x before 3.6.3; 4.0.x befo...
Security Advisory for Bugzilla 3.2.8, 3.4.8, 3.6.2, and 3.7.3
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Summary ======= Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issues have been discovered in Bugzilla: There is a way to inject both headers and content to users, causing a serious...
Oracle Java System Web Server HTTP Response Splitting Vulnerability
The host is running Oracle Java System Web Server and is prone to HTTP response splitting vulnerability. OpenVAS Vulnerability Test $Id: gboraclesjswebserverresponsesplittingvuln.nasl 5390 2017-02-21 18:39:27Z mime $ Oracle Java System Web Server HTTP Response Splitting Vulnerability Authors: Ant...
Oracle Java System Web Server HTTP Response Splitting Vulnerability - Active Check
Oracle Java System Web Server is prone to an HTTP response splitting vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...
Joovili 3.1.8 CRLF injection/HTTP response splitting Vulnerability
Exploit for php platform in category web applications ================================================================== Joovili 3.1.8 CRLF injection/HTTP response splitting Vulnerability ==================================================================...
JVN#72541530: Active! mail 6 vulnerable to HTTP header injection
Active! mail 6 from TransWARE Co. is a web-based email software. Active! mail 6 contains a HTTP header injection vulnerability. Impact Falsified information may be displayed or an arbitrary script may be executed on the user's web browser. HTTP response splitting attacks are also possible. Soluti...
Oracle Sun Java System Web Server - HTTP Response Splitting
Exploit for jsp platform in category web applications =========================================================== Oracle Sun Java System Web Server - HTTP Response Splitting =========================================================== Description Security-Assessment.com discovered that is possible...
Oracle Sun Java System Web Server - HTTP Response Splitting
Description Security-Assessment.com discovered that is possible to successfully perform an HTTP Response Splitting attack against applications served by Sun Java System Web Server. The vulnerability can be exploited if user supplied input is used to generate the value of an HTTP header, as shown ...
Oracle Sun Java System Web Server - HTTP Response Splitting
Oracle Sun Java System Web Server - HTTP Response Splitting Description Security-Assessment.com discovered that is possible to successfully perform an HTTP Response Splitting attack against applications served by Sun Java System Web Server. The vulnerability can be exploited if user supplied inpu...
RedHat Update for java-1.6.0-openjdk RHSA-2010:0768-01
Check for the Version of java-1.6.0-openjdk OpenVAS Vulnerability Test RedHat Update for java-1.6.0-openjdk RHSA-2010:0768-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
RedHat Update for java-1.6.0-openjdk RHSA-2010:0768-01
Check for the Version of java-1.6.0-openjdk OpenVAS Vulnerability Test RedHat Update for java-1.6.0-openjdk RHSA-2010:0768-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...