CVE-2009-1312

Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting XSS attacks via vectors related to 1 injecting a Refresh header or 2 specifying the content of a Refresh header. NOTE...

Mandriva Update for squid MDVSA-2008:002 (squid)

Check for the Version of squid OpenVAS Vulnerability Test Mandriva Update for squid MDVSA-2008:002 squid Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Mandriva Update for mono MDVSA-2008:210-1 (mono)

Check for the Version of mono OpenVAS Vulnerability Test Mandriva Update for mono MDVSA-2008:210-1 mono Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Mandriva Update for mono MDVSA-2008:210 (mono)

Check for the Version of mono OpenVAS Vulnerability Test Mandriva Update for mono MDVSA-2008:210 mono Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

phpMyAdmin < 3.1.3.1 'file_path' Parameter Multiple Vulnerabilities (PMASA-2009-1)

Binary data 4985.prm...

Buffer overflow

DISPUTED NOTE: this issue has been disputed by the vendor. Buffer overflow in the PKI Web Service in Check Point Firewall-1 PKI Web Service allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long 1 Authorization or 2 Referer HTTP header to TCP por...

Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow

No description provided by source. - Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow - Description The Check Point Firewall-1 PKI Web Service, running by default on TCP port 18264, is vulnerable to a remote overflow in the handling of very long HTTP headers. This was discovered...

Check Point Firewall-1 - PKI Web Service HTTP Header Remote Overflow

Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow - Description The Check Point Firewall-1 PKI Web Service, running by default on TCP port 18264, is vulnerable to a remote overflow in the handling of very long HTTP headers. This was discovered during a pen-test where the client...

Crlf injection

CRLF injection vulnerability in bsdispasmimetype.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the 1 ctype and possibly 2 filetype parameters...

CVE-2009-1149

CVE-2009-1149 affects phpMyAdmin, specifically in bs_disp_as_mime_type.php (BLOB streaming). The vulnerability is a CRLF/HTTP header injection via c_type and possibly file_type, enabling HTTP response splitting. Affected: phpMyAdmin releases prior to 3.1.3.1. Impact: remote attacker could inject ...

HTTP Response Splitting and file inclusion vulnerability.

PMASA-2009-1 Announcement-ID: PMASA-2009-1 Date: 2009-03-24 Summary HTTP Response Splitting and file inclusion vulnerability. Description The BLOB streaming feature allowed attacker to include arbitrary files and inject HTTP headers using crafted URL parameters. Severity We consider this...

Ubuntu Update for firefox vulnerabilities USN-535-1

Ubuntu Update for Linux kernel vulnerabilities USN-535-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5351.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for firefox vulnerabilities USN-535-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Crlf injection

CRLF injection vulnerability in the WebLink template in Fujitsu Jasmine2000 Enterprise Edition allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

CVE-2009-0868

The CVE-2009-0868 issue affects Fujitsu Jasmine2000 Enterprise Edition (WebLink template). It is a CRLF injection vulnerability that lets remote attackers inject arbitrary HTTP headers and perform HTTP response splitting via unspecified vectors. The provided documents confirm the vulnerability an...

CVE-2009-0868

CRLF injection vulnerability in the WebLink template in Fujitsu Jasmine2000 Enterprise Edition allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

Cross site scripting

The CGI framework in Kaya 0.4.0 allows remote attackers to inject arbitrary HTTP headers and conduct cross-site scripting XSS attacks via unspecified vectors...

CVE-2008-6428

The CGI framework in Kaya 0.4.0 allows remote attackers to inject arbitrary HTTP headers and conduct cross-site scripting XSS attacks via unspecified vectors...

CVE-2008-6428

The CGI framework in Kaya 0.4.0 allows remote attackers to inject arbitrary HTTP headers and conduct cross-site scripting XSS attacks via unspecified vectors...

CVE-2008-6428

The CGI framework in Kaya 0.4.0 allows remote attackers to inject arbitrary HTTP headers and conduct cross-site scripting XSS attacks via unspecified vectors...

CVE-2008-6428

The vulnerability CVE-2008-6428 affects the Kaya 0.4.0 CGI framework. Reported impact: remote attackers can inject arbitrary HTTP headers and perform cross-site scripting (XSS) via unspecified vectors. No concrete exploitation details or patch information are provided in the connected documents. ...