3704 matches found
CVE-2008-2234
Multiple buffer overflows in Openwsman 1.2.0 and 2.0.0 allow remote attackers to execute arbitrary code via a crafted "Authorization: Basic" HTTP header...
CVE-2008-3667
Stack-based buffer overflow in Maxthon Browser 2.0 and earlier allows remote attackers to execute arbitrary code via a long Content-type HTTP header...
CVE-2008-3667
Stack-based buffer overflow in Maxthon Browser 2.0 and earlier allows remote attackers to execute arbitrary code via a long Content-type HTTP header...
CVE-2008-3667
The CVE-2008-3667 issue affects Maxthon Browser 2.0 and earlier, where a stack-based overflow occurs in processing a long HTTP Content-Type header, enabling remote arbitrary code execution. Root cause: improper handling of the Content-Type header leading to a stack overflow. Affected products: Ma...
intellitamper207-header.txt
/ IntelliTamper 2.07 Location: HTTP Header Remote Code Execution exploit. Based on exploit by Koshi written in Perl. This one should be more stable. Just for fun and to learn more about win32 exploitation. by Wojciech Pawlikowski [email protected] / include include include include include include...
IntelliTamper 2.07 HTTP Header Remote Code Execution Exploit
No description provided by source. / IntelliTamper 2.07 Location: HTTP Header Remote Code Execution exploit. Based on exploit by Koshi written in Perl. This one should be more stable. Just for fun and to learn more about win32 exploitation. by Wojciech Pawlikowski [email protected] / include...
IntelliTamper 2.07 HTTP Header Remote Code Execution Exploit
Exploit for unknown platform in category remote exploits ============================================================ IntelliTamper 2.07 HTTP Header Remote Code Execution Exploit ============================================================ / IntelliTamper 2.07 Location: HTTP Header Remote Code...
Apache Tomcat HttpServletResponse.sendError()跨站脚本漏洞
BUGTRAQ ID: 30496 CVECAN ID: CVE-2008-1232 Apache Tomcat是一个流行的开放源码的JSP应用服务器程序。 Apache Tomcat不仅在错误页面中显示了HttpServletResponse.sendError调用的消息参数,同时也在HTTP响应的reason-phrase中使用,这就可能在HTTP头中包含非法字符。特制的消息可能导致跨站脚本攻击,向HTTP响应中注入任意内容。 Apache Group Tomcat 6.0.x Apache Group Tomcat 5.5.x Apache Group Tomcat 4.1.x...
Sql injection
SQL injection vulnerability in Triton CMS Pro allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header...
CVE-2008-3153
SQL injection vulnerability in Triton CMS Pro allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header...
CVE-2008-3153
SQL injection vulnerability in Triton CMS Pro allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header...
OFFSystem HTTP头字段数据处理远程缓冲区溢出漏洞
BUGTRAQ ID: 29809 CNCAN ID:CNCAN-2008062310 OFFSystem是一款开源文件分享软件。 OFFSystem处理HTTP头字段数据存在缓冲区溢出,远程攻击者可以利用漏洞以应用程序权限执行任意代码。 发送特殊构建的包含畸形HTTP头字段的HTTP请求,可导致缓冲区溢出,可能以应用程序权限执行任意指令。 FFSystem OFFSystem 0.9.14 升级程序: OFFSystem OFFSystem 0.9.14 OFFSystem OFFSystem-0.19.14-src.tar.gz...
IBM Lotus Domino Web Server HTTP Header Buffer Overflow (CVE-2008-2240)
IBM Lotus Domino is a server product that provides enterprise-grade e-mail, collaboration capabilities, and custom application platform. A stack buffer overflow vulnerability was reported in the IBM Lotus Domino Web Server application. The vulnerability is due to an error in the IBM Lotus Domino...
Akamai Red Swoosh < 3333 referer Header Cross-Site Request Forgery
The remote host is running Akamai Red Swoosh client, which handles software distribution via the Swoosh network. The version of Red Swoosh installed on the remote host includes a web server that listens on the loopback interface for management commands but it fails to properly sanitize the HTTP...
SQL Injection leading to authorization bypass in Torrent Trader Classic v1.08 and earlier
SQL Injection leading to authorization bypass in Torrent Trader Classic v1.08 and earlier Discovered by: Charles Vaughn [email protected] Software: http://sourceforge.net/projects/torrenttrader Status: Vendor Notified, updated version available Vulnerability TorrentTrader is a popular torrent...
flash a tips-vulnerability warning-the black bar safety net
Author: darkne2s Source: energy Temple It seems like a large cattle these all have flash exp. But 1 0 personal 9 personal that bad. This surprised me. Press the truth to say that this is not the person's vulnerability should be very easy to use. And I also often irregularly collected all over the...
Stack overflow
Stack-based buffer overflow in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via a long Accept-Language HTTP header...
CGI RESCUE WebFORM vulnerable to HTTP header injection
Overview WebFORM released from CGI RESCUE is software that allows the emailing of contents of a HTML form. WebFORM contains a HTTP header injection vulnerability which is caused by improperly processing the output of HTTP headers. Impact Falsified information may be displayed or an arbitrary scri...
CVE-2008-1385
Cross-site scripting XSS vulnerability in the Top Referrers aka referrer plugin in Serendipity S9Y before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header...
CVE-2008-1385
Cross-site scripting XSS vulnerability in the Top Referrers aka referrer plugin in Serendipity S9Y before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header...