Lucene search

2442 matches found

UbuntuCve
added 2010/12/06 12:00 a.m., 31 views

CVE-2010-2761

The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...

CVSS 4.3, AI score 7.3, EPSS 0.02713
Exploits 0, References 4
UbuntuCve
added 2010/12/06 12:00 a.m., 26 views

CVE-2010-4410

CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline...

CVSS 4.3, AI score 7.3, EPSS 0.02045
Exploits 0, References 4
NVD
added 2010/11/05 5:00 p.m., 10 views

CVE-2010-3913

CRLF injection vulnerability in TransWARE Active! mail 6 build 6.40.010047750 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

CVSS 4.3, AI score 6.9, EPSS 0.01104
Exploits 0, References 5
NVD
added 2010/11/05 5:00 p.m., 23 views

CVE-2010-3172

CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3, and 4.0.x before 4.0rc1, when Server Push is enabled in a web browser, allows remote attackers to inject arbitrary HTTP headers and content, and conduct HTTP response splitting attacks, via a crafted UR...

CVSS 2.6, AI score 6.5, EPSS 0.01787
Exploits 0, References 9
Prion
added 2010/11/05 5:00 p.m., 13 views

Crlf injection

CRLF injection vulnerability in TransWARE Active! mail 6 build 6.40.010047750 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

CVSS 4.3, AI score 7.4, EPSS 0.01104
Exploits 0, References 5, Affected Software 1
UbuntuCve
added 2010/11/05 5:00 p.m., 34 views

CVE-2010-3172

CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3, and 4.0.x before 4.0rc1, when Server Push is enabled in a web browser, allows remote attackers to inject arbitrary HTTP headers and content, and conduct HTTP response splitting attacks, via a crafted UR...

CVSS 2.6, AI score 6, EPSS 0.01787
Exploits 0, References 1
CVE
added 2010/11/05 4:28 p.m., 44 views

CVE-2010-3913

CVE-2010-3913 affects TransWARE Active! mail 6 (build 6.40.010047750 and earlier). The vulnerability is a CRLF/HTTP header injection that can enable HTTP response splitting and allow remote attackers to inject headers. Documented impacts include falsified information being displayed and potential...

CVSS 4.3, AI score 7.1, EPSS 0.01104
Exploits 0, References 5, Affected Software 1
Cvelist
added 2010/11/05 4:28 p.m., 30 views

CVE-2010-3172

CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3, and 4.0.x before 4.0rc1, when Server Push is enabled in a web browser, allows remote attackers to inject arbitrary HTTP headers and content, and conduct HTTP response splitting attacks, via a crafted UR...

AI score 6.5, EPSS 0.01787
Exploits 0, References 9
Cvelist
added 2010/11/05 4:28 p.m., 13 views

CVE-2010-3913

CRLF injection vulnerability in TransWARE Active! mail 6 build 6.40.010047750 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

AI score 6.9, EPSS 0.01104
Exploits 0, References 5
CVE
added 2010/11/05 4:28 p.m., 83 views

CVE-2010-3172

CVE-2010-3172 describes a CRLF injection/HTTP response-splitting vulnerability in Bugzilla when Server Push is enabled, allowing a crafted URL to inject arbitrary HTTP headers and content. Affected Bugzilla versions: 3.2.9 and later within 3.2.x; 3.4.x before 3.4.9; 3.6.x before 3.6.3; 4.0.x befo...

CVSS 2.6, AI score 6.5, EPSS 0.01787
Exploits 0, References 9, Affected Software 1
securityvulns
added 2010/11/04 12:00 a.m., 78 views

Security Advisory for Bugzilla 3.2.8, 3.4.8, 3.6.2, and 3.7.3

Summary: Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issues have been discovered in Bugzilla: There is a way to inject both headers and content to users, causing a serious...

CVSS 5, AI score 5.8, EPSS 0.02391
Exploits 1
OpenVAS
added 2010/11/02 12:00 a.m., 37 views

Oracle Java System Web Server HTTP Response Splitting Vulnerability

The host is running Oracle Java System Web Server and is prone to HTTP response splitting vulnerability. OpenVAS Vulnerability Test $Id: gboraclesjswebserverresponsesplittingvuln.nasl 5390 2017-02-21 18:39:27Z mime $ Oracle Java System Web Server HTTP Response Splitting Vulnerability Authors: Ant...

CVSS 4.3, AI score 6.3, EPSS 0.04485
Exploits 0, References 3
OpenVAS
added 2010/11/02 12:00 a.m., 79 views

Oracle Java System Web Server HTTP Response Splitting Vulnerability - Active Check

Oracle Java System Web Server is prone to an HTTP response splitting vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

CVSS 4.3, AI score 6.3, EPSS 0.04485
Exploits 0, References 4
0day.today
added 2010/11/01 12:00 a.m., 30 views

Joovili 3.1.8 CRLF injection/HTTP response splitting Vulnerability

Exploit for php platform in category web applications. Joovili 3.1.8 CRLF injection/HTTP response splitting Vulnerability...

AI score 7.1
Exploits 0
Japan Vulnerability Notes
added 2010/10/29 12:00 a.m., 29 views

JVN#72541530: Active! mail 6 vulnerable to HTTP header injection

Active! mail 6 from TransWARE Co. is a web-based email software. Active! mail 6 contains a HTTP header injection vulnerability. Impact Falsified information may be displayed or an arbitrary script may be executed on the user's web browser. HTTP response splitting attacks are also possible. Soluti...

CVSS 4.3, AI score 6.7, EPSS 0.01104
Exploits 0
0day.today
added 2010/10/21 12:00 a.m., 14 views

Oracle Sun Java System Web Server - HTTP Response Splitting

Exploit for jsp platform in category web applications. Oracle Sun Java System Web Server - HTTP Response Splitting. Description: Security-Assessment.com discovered that it is possible...

AI score 7.1
Exploits 0
Exploit DB
added 2010/10/20 12:00 a.m., 48 views

Oracle Sun Java System Web Server - HTTP Response Splitting

Description: Security-Assessment.com discovered that it is possible to successfully perform an HTTP Response Splitting attack against applications served by Sun Java System Web Server. The vulnerability can be exploited if user supplied input is used to generate the value of an HTTP header, as shown ...

AI score 7.4
Exploits 0
exploitpack
added 2010/10/20 12:00 a.m., 27 views

Oracle Sun Java System Web Server - HTTP Response Splitting

Oracle Sun Java System Web Server - HTTP Response Splitting. Description: Security-Assessment.com discovered that it is possible to successfully perform an HTTP Response Splitting attack against applications served by Sun Java System Web Server. The vulnerability can be exploited if user supplied inpu...

AI score 7.4
Exploits 0
OpenVAS
added 2010/10/19 12:00 a.m., 43 views

RedHat Update for java-1.6.0-openjdk RHSA-2010:0768-01

Check for the Version of java-1.6.0-openjdk OpenVAS Vulnerability Test RedHat Update for java-1.6.0-openjdk RHSA-2010:0768-01 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

CVSS 10, AI score 6.9, EPSS 0.87264
Exploits 14, References 2
OpenVAS
added 2010/10/19 12:00 a.m., 47 views

RedHat Update for java-1.6.0-openjdk RHSA-2010:0768-01

Check for the Version of java-1.6.0-openjdk OpenVAS Vulnerability Test RedHat Update for java-1.6.0-openjdk RHSA-2010:0768-01 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

CVSS 10, AI score 0.2, EPSS 0.87264
Exploits 14, References 2