148 matches found
DEBIAN-CVE-2009-2820
The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle 1 HTTP headers and 2 HTML templates, which allows remote attackers to conduct cross-site scripting XSS attacks and HTTP response splitting attacks via vectors related to a...
Microsoft Windows SMB2 '_Smb2ValidateProviderCallback()' Remote Code Execution Vulnerability
Microsoft Windows is prone to a remote code-execution vulnerability when processing the protocol headers for the Server Message Block SMB Negotiate Protocol Request. NOTE: Reportedly, for this issue to be exploitable, file sharing must be enabled. An attacker can exploit this issue to execute cod...
[oCERT-2008-004] multiple speex implementations insufficient boundary checks
2008/04/17 2008-004 multiple speex implementations insufficient boundary checks Description: The reference speex decoder from the Speex library performs insufficient boundary checks on a header structure read from user input, this has been reported in oCERT-2008-002 advisory. Further investigatio...
Mozilla Foundation Security Advisory 2006-74
Mozilla Foundation Security Advisory 2006-74 Title: Mail header processing heap overflows Impact: Critical Announced: December 19, 2006 Reporter: Georgi Guninski, David Bienvenu Products: Thunderbird, SeaMonkey Fixed in: Thunderbird 1.5.0.9 SeaMonkey 1.0.7 Description Georgi Guninski reported tha...
FreeBSD : sylpheed -- buffer overflow in header processing (f8536143-9bc4-11d9-b8b3-000a95bc6fae)
The Sylpheed website states : A buffer overflow which occurred when replying to a message with certain headers which contain non-ascii characters was fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD...
sylpheed -- buffer overflow in header processing
The Sylpheed web site states: A buffer overflow which occurred when replying to a message with certain headers which contain non-ascii characters was fixed...
GLSA-200411-19 : Pavuk: Multiple buffer overflows
The remote host is affected by the vulnerability described in GLSA-200411-19 Pavuk: Multiple buffer overflows Pavuk contains several buffer overflow vulnerabilities in the code handling digest authentication and HTTP header processing. This issue is similar to GLSA 200407-19, but contains more...
CVE-2002-1255
Microsoft Outlook 2002 is affected by an E-mail Header Processing vulnerability where an email containing a certain invalid header field, accessed via POP3, IMAP, or WebDAV, can cause a denial of service (repeated failure). The underlying issue is in how the header is processed, leading to availa...