CVE-2009-3017

CVE-2009-3017 concerns Orca Browser 1.2 build 5. The issue is an improper handling of data: URIs and javascript: URIs in HTTP headers (Refresh and Location) and in 302 error documents, enabling cross-site scripting (XSS) via multiple header/URL vectors. The connected documents corroborate user-as...

CVE-2009-3017

Orca Browser 1.2 build 5 does not properly block data: URIs in Refresh and Location headers in HTTP responses, which allows remote attackers to conduct cross-site scripting XSS attacks via vectors related to 1 injecting a Refresh header that contains JavaScript sequences in a data:text/html URI, ...

CVE-2009-3018

CVE-2009-3018 (Maxthon Browser 3.0.0.145 Alpha in Ultramode) is described in the initial record as an XSS flaw where javascript: and data: URIs are not properly blocked in Refresh headers, and where data: URIs in Location headers or javascript: data URIs in HTML links on 301/302 error documents c...

http-headers NSE Script

Performs a HEAD request for the root folder "/" of a web server and displays the HTTP headers returned. See also: http-security-headers.nse Script Arguments useget Set to force GET requests instead of HEAD. path The path to request, such as /index.php. Default /. slaxml.debug See the documentatio...

DISCUZ all versions of COOKIE hijacking method+DEMO-vulnerability warning-the black bar safety net

DISCUZ and many forums are unable to perform session hijacking, because the session and IP binding, DISCUZ main session authentication mechanism is as follows: /inlude/common.inc.php //Section 1 3 6 verify the session important period is from the sessions table in the query the SID, which is an...

Update Protection against Joomla! HTTP Header Script Injection

Joomla! is a content management system CMS designed for building Web sites and online applications. Joomla! fails to parse HTTP headers, allowing an attacker to inject JavaScript or DHTML code that can be executed in the context of a target user browser...

[ISecAuditors Security Advisories] Joomla! < 1.5.12 Multiple XSS vulnerabilities in HTTP Headers

============================================= INTERNET SECURITY AUDITORS ALERT 2009-007 - Original release date: June 30th, 2009 - Last revised: July 2nd, 2009 - Discovered by: Juan Galiana Lara - Severity: 6.8/10 CVSS Base Score ============================================= I. VULNERABILITY...

Joomla Multiple Cross Site Scripting Issues

============================================= INTERNET SECURITY AUDITORS ALERT 2009-007 - Original release date: June 30th, 2009 - Last revised: July 2nd, 2009 - Discovered by: Juan Galiana Lara - Severity: 6.8/10 CVSS Base Score ============================================= I. VULNERABILITY...

CVE-2009-2272

The Huawei D100 stores the administrator's account name and password in cleartext in a cookie, which allows context-dependent attackers to obtain sensitive information by 1 reading a cookie file, by 2 sniffing the network for HTTP headers, and possibly by using unspecified other vectors...

CGI Generic Header Injection

The remote web server hosts CGIs that are vulnerable to 'header injection'. By leveraging this issue, an attacker may be able to poison a proxy cache, or trigger a cross-site scripting flaws and cause arbitrary HTML and script code to be executed in a user's browser within the security context of...

Crlf injection

CRLF injection vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject HTTP headers and bypass the Same Origin Policy via a crafted HTML document, related to cross-site scripting XSS attacks...

CVE-2009-1697

CRLF injection vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject HTTP headers and bypass the Same Origin Policy via a crafted HTML document, related to cross-site scripting XSS attacks...

CVE-2009-1697

CRLF injection vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject HTTP headers and bypass the Same Origin Policy via a crafted HTML document, related to cross-site scripting XSS attacks...

CVE-2009-1697

CVE-2009-1697 is a CRLF injection vulnerability in WebKit that can allow remote attackers to inject HTTP headers and bypass the Same Origin Policy via a crafted HTML document, related to cross-site scripting exploits using XMLHttpRequest without a Host header. Affected products include Apple Safa...

Heap overflow

Heap-based buffer overflow in CFNetwork in Apple Mac OS X 10.5 before 10.5.7 allows remote web servers to execute arbitrary code or cause a denial of service application crash via long HTTP headers...

CVE-2009-0157

Heap-based buffer overflow in CFNetwork in Apple Mac OS X 10.5 before 10.5.7 allows remote web servers to execute arbitrary code or cause a denial of service application crash via long HTTP headers...

Crlf injection

CRLF injection vulnerability in CGI RESCUE Web Mailer before 1.04 allows remote attackers to inject arbitrary HTTP headers, and conduct cross-site scripting XSS or HTTP response splitting attacks, via CRLF sequences in an unspecified web form...

CVE-2009-1591

CRLF injection vulnerability in CGI RESCUE Web Mailer before 1.04 allows remote attackers to inject arbitrary HTTP headers, and conduct cross-site scripting XSS or HTTP response splitting attacks, via CRLF sequences in an unspecified web form...

Crlf injection

CRLF injection vulnerability in da/DA/Login in Sun Java System Delegated Administrator 6.2 through 6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the HELPPAGE parameter...

CVE-2009-1357

CVE-2009-1357 describes a CRLF injection/HTTP response splitting vulnerability in Sun Java System Delegated Administrator (DA) server. Affected are DA 6.2–6.4 (without patches 121581-20 / 121582-20 / 121583-20 depending on platform). The issue arises in the da/DA/Login component via the HELP_PAGE...