42 matches found
The vulnerability of the Thunderbird email client and the Firefox browser is related to deficiencies in HTTP request processing, which allows attackers to execute cross-site scripting (XSS) attacks.
The vulnerability of the Thunderbird email client and the Firefox browser is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting (XSS) attacks remotely...
SUSE: Security Advisory (SUSE-SU-2016:2089-1)
The remote host is missing an update for the...
The vulnerability in the web management interface of the firmware on Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W routers allows an attacker to execute arbitrary code.
The vulnerability in the web-based management interface of the firmware on Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W routers lies in HTTP request processing errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
RHEL 7 : squid (RHSA-2020:4082)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4082 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: HTTP...
SUSE SLES12 Security Update : squid (SUSE-SU-2020:0661-1)
This update for squid fixes the following issues: CVE-2019-12528: Fixed an information disclosure flaw in the FTP gateway (bsc#1162689). CVE-2019-12526: Fixed potential remote code execution during URN processing (bsc#1156326). CVE-2019-12523, CVE-2019-18676: Fixed multiple improper validations in URI...
SUSE-SU-2019:3067-1 Security update for squid
This update for squid to version 4.9 fixes the following issues: Security issues fixed: - CVE-2019-13345: Fixed multiple cross-site scripting vulnerabilities in cachemgr.cgi (bsc#1140738). - CVE-2019-12526: Fixed potential remote code execution during URN processing (bsc#1156326). -...
OPENSUSE-SU-2019:2540-1 Security update for squid
This update for squid to version 4.9 fixes the following issues: Security issues fixed: - CVE-2019-13345: Fixed multiple cross-site scripting vulnerabilities in cachemgr.cgi (bsc#1140738). - CVE-2019-12526: Fixed potential remote code execution during URN processing (bsc#1156326). -...
Squid Cross-Site Request Forgery Vulnerability
Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A cross-site request forgery vulnerability exists in the HTTP request processing in Squid, which arises from a WEB...
Debian DLA-1507-1 : libapache2-mod-perl2 security update
Jan Ingvoldstad discovered that libapache2-mod-perl2 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because contrary to the documentation there is no configuration option that permits Perl code for the administrator's control of HTTP request processi...
Design/Logic Flaw
mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because contrary to the documentation there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting...
CVE-2011-2767
mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because contrary to the documentation there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting...
Oracle Linux 6 : squid34 (ELSA-2017-0183)
The remote Oracle Linux 6 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2017-0183 advisory. 7:3.4.14-9.4 - Resolves: 1412733 - CVE-2016-10002 squid34: squid: Information disclosure in HTTP request processing Tenable has extracted the preceding...
SUSE SLES11 Security Update : squid (SUSE-SU-2016:2147-1)
This update for squid fixes the following issues: - CVE-2016-4051: backport fix buffer overflow in cachemgr.cgi (bsc#976553) - CVE-2016-4554: backport fix for header smuggling issue in HTTP Request processing (bsc#979010) Note that Tenable Network Security has extracted the preceding description block...
SUSE SLES11 Security Update : squid3 (SUSE-SU-2016:1996-1)
This update for squid3 fixes the following issues: - Multiple issues in pinger ICMP processing. (CVE-2014-7141, CVE-2014-7142) - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing. (bsc#973782) - CVE-2016-4554: fix header smuggling issue in HTTP Request processing (bsc#979010) - fix multipl...
Lotus Domino vulnerable to denial-of-service (DoS)
Overview: Lotus Domino provided by IBM contains a denial-of-service (DoS) vulnerability. Lotus Domino contains a denial-of-service (DoS) vulnerability due to an issue in processing HTTP requests. Ryouichi Ozawa of Oki Electric Industry Co., Ltd reported this vulnerability to IPA. JPCERT/CC coordinated...
JVN#51305555: Lotus Domino vulnerable to denial-of-service (DoS)
Lotus Domino contains a denial-of-service (DoS) vulnerability due to an issue in processing HTTP requests. Impact: A remote attacker may cause the Domino service to crash. Solution: Update the software. Update to the latest version according to the information provided by the developer. Products...
JVN#73643130: Microsoft MSXML vulnerability in HTTP request processing
MSXML provided by Microsoft contains a vulnerability where HTTP requests for XMLHTTP objects are not processed properly. As a result, when going through a proxy server, information may be sent to another server. Impact: When going through a proxy server, information such as authentication...