2442 matches found
java security update
CentOS Errata and Security Advisory CESA-2010:0768 Updated java-1.6.0-openjdk packages that fix several security issues and two bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability...
Important: Red Hat Security Advisory: java-1.6.0-openjdk security and bug fix update
Updated java-1.6.0-openjdk packages that fix several security issues and two bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detail...
HP/HPE System Management Homepage (SMH) Multiple Vulnerabilities (HPSBMA02566, HPSBMA02568)
HP/HPE System Management Homepage SMH is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2010-3011
CRLF injection vulnerability in HP System Management Homepage SMH before 6.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...
Crlf injection
CRLF injection vulnerability in HP System Management Homepage SMH before 6.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...
CVE-2010-3011
CVE-2010-3011 is a CRLF injection vulnerability in HP System Management Homepage (SMH) prior to 6.2 that can allow remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via unspecified vectors. The issue affects HP SMH versions before 6.2 and stems from an as‑yet u...
CVE-2010-3011
CRLF injection vulnerability in HP System Management Homepage SMH before 6.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...
[security bulletin] HPSBMA02568 SSRT100219 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS), HTTP Response Splitting, and Other Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02512995 Version: 1 HPSBMA02568 SSRT100219 rev.1 - HP System Management Homepage SMH for Linux and Windows, Remote Cross Site Scripting XSS, HTTP Response Splitting, and Other Vulnerabilities...
HP System Management Homepage < 6.2 Multiple Vulnerabilities
According to its self-reported version number, the HP System Management Homepage install on the remote host is earlier than 6.2. Such versions are reportedly affected by the following vulnerabilities : - Session renegotiations are not handled properly, which could be exploited to insert arbitrary...
Crlf injection
CRLF injection vulnerability in load.php in the Local Management Interface LMI on the IBM Proventia Network Mail Security System PNMSS appliance with firmware before 2.5 allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the...
CVE-2010-0155
The CVE-2010-0155 issue affects IBM Proventia Network Mail Security System (PNMSS) with firmware older than 2.5, specifically the Local Management Interface (LMI). A CRLF injection vulnerability exists in load.php that is exploitable by remote authenticated users via the javaVersion parameter, en...
Proventia Network Mail Security System CRLF Injection
Security Advisory: MVSA-10-009 / CVE-2010-0155 Vendor: IBM Products: Proventia Network Mail Security System Vulnerabilities: CRLF Injection Risk: Medium Attack Vector: From Remote Authentication: Required Reference: http://www.ventuneac.net/security-advisories/MVSA-10-009 Description Web-based...
Crlf injection
CRLF injection vulnerability in +webvpn+/index.html in WebVPN on Cisco Adaptive Security Appliances ASA 5580 series devices with software before 8.12 allows remote attackers to inject arbitrary HTTP headers as demonstrated by a redirect attack involving a %0d%0aLocation%3a sequence in a URI, or...
[SWRX-2010-001] Cisco ASA HTTP Response Splitting Vulnerability
SecureWorks Security Advisory SWRX-2010-001 Cisco ASA HTTP Response Splitting Vulnerability Advisory Information Title: Cisco ASA HTTP Response Splitting Vulnerability Advisory ID: SWRX-2010-001 Advisory URL: http://www.secureworks.com/ctu/advisories/SWRX-2010-001 Date published: Thursday, June 2...
Cisco ASA HTTP Response Splitting
SecureWorks Security Advisory SWRX-2010-001 Cisco ASA HTTP Response Splitting Vulnerability Advisory Information Title: Cisco ASA HTTP Response Splitting Vulnerability Advisory ID: SWRX-2010-001 Advisory URL: http://www.secureworks.com/ctu/advisories/SWRX-2010-001 Date published: Thursday, June 2...
Cisco ASA Software HTTP Response Splitting Vulnerability
Cisco ASA Software versions prior to 8.12 contain a vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability exists due to improper handling of characters within URLs. An unauthenticated, remote attacker could exploit this...
Cisco Adaptive Security Response - HTTP Response Splitting
source: https://www.securityfocus.com/bid/41159/info Cisco Adaptive Security Response ASA is prone to an HTTP response-splitting vulnerability. Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that...
WordPress Cimy Counter Plugin 0.9.4 - HTTP Response Splitting and Cross-Site Scripting Vulnerabilities
This Cimy Counter plugin is prone to HTTP response-splitting and a cross-site scripting vulnerabilities. It fails properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal...
WordPress Plugin Cimy Counter 0.9.4 - HTTP Response Splitting Cross-Site Scripting
WordPress Plugin Cimy Counter 0.9.4 - HTTP Response Splitting Cross-Site Scripting source: https://www.securityfocus.com/bid/41132/info Cimy Counter for WordPress is prone to an HTTP response-splitting vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize...
WordPress Plugin Cimy Counter 0.9.4 - HTTP Response Splitting / Cross-Site Scripting
source: https://www.securityfocus.com/bid/41132/info Cimy Counter for WordPress is prone to an HTTP response-splitting vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary scrip...