3716 matches found

OpenVAS
added 2013/01/23 12:0 a.m. | 24 views

Strawberry Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability - Windows

Strawberry Perl is prone to HTTP header injection vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5 | AI score 6.6 | EPSS 0.03261
Exploits 0 | References 5
OpenVAS
added 2013/01/23 12:0 a.m. | 34 views

Active Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability - Windows

Active Perl is prone to HTTP header injection vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5 | AI score 6.6 | EPSS 0.03261
Exploits 0 | References 4
0day.today
added 2013/01/22 12:0 a.m. | 23 views

Perforce P4web 2011/2012 Web Client XSS Vulnerability

Exploit for php platform in category web applications Exploit Title: Perforce P4web 2011/2012 Web Client XSS Vulnerability Date: 21 Jan 2013 Researcher: Christy Philip Mathew Email: email protected Vendor or Software Link: http://filehost.perforce.com/perforce/r11.1/bin.ntx86/p4webinst.exe...

AI score 7.1
Exploits 0
securityvulns
added 2013/01/21 12:0 a.m. | 77 views

CVE-2012-6452 Axway Secure Messenger Username Disclosure

Product: Axway Email Firewall Component: Secure Messenger Vendor: Axway Vulnerable Versions: 6.5 and earlier on the Email Firewall EMF platform only Tested Version: 6.3.2 Build 4230 Vendor Notification: December 8, 2012 Vendor Patch: Secure Messenger version 6.5.0 Updated Release 7 Public...

CVSS 5 | AI score 0.1 | EPSS 0.01458
Exploits 0
NVD
added 2013/01/18 11:48 a.m. | 19 views

CVE-2012-5875

Firefly Media Server 1.0.0.1359 allows remote attackers to cause a denial of service (NULL pointer dereference) via a (1) crafted Connection HTTP header; a return carriage control character in the (2) Accept Language header, (3) User-agent header, (4) Host header, or (5) protocol version; or a (6) crafted HTTP...

CVSS 5 | AI score 6.4 | EPSS 0.10814
Exploits 6 | References 4
RedHat Linux
added 2013/01/08 4:30 a.m. | 3 views

httpd: mod_negotiation CRLF injection via untrusted file names in directories with MultiViews enabled

CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP respons...

CVSS 2.6 | AI score 5.9 | EPSS 0.19036
Exploits 1 | References 4
NVD
added 2012/12/28 11:48 a.m. | 24 views

CVE-2012-6369

Cross-site scripting (XSS) vulnerability in the Troubleshooting Reporting System feature in AgileBits 1Password 3.9.9 might allow remote attackers to inject arbitrary web script or HTML via a crafted User-Agent HTTP header that is not properly handled in a View Troubleshooting Report action...

CVSS 4.3 | AI score 5.6 | EPSS 0.00984
Exploits 2 | References 2
Cvelist
added 2012/12/28 11:0 a.m. | 35 views

CVE-2012-6369

Cross-site scripting (XSS) vulnerability in the Troubleshooting Reporting System feature in AgileBits 1Password 3.9.9 might allow remote attackers to inject arbitrary web script or HTML via a crafted User-Agent HTTP header that is not properly handled in a View Troubleshooting Report action...

AI score 5.6 | EPSS 0.00984
Exploits 2 | References 2
exploitpack
added 2012/12/21 12:0 a.m. | 29 views

FireFly Mediaserver 1.0.0.1359 - Null Pointer Dereference

FireFly Mediaserver 1.0.0.1359 - Null Pointer Dereference Advisory ID: HTB23129 Product: FireFly Mediaserver Vendor: FireFly Vulnerable Versions: 1.0.0.1359 and probably prior Tested Version: 1.0.0.1359 in Windows 7 SP1 Vendor Notification: November 21, 2012 Public Disclosure: December 19, 2012...

CVSS 5 | AI score 0.3 | EPSS 0.10814
Exploits 6
Exploit DB
added 2012/12/21 12:0 a.m. | 38 views

FireFly Mediaserver 1.0.0.1359 - Null Pointer Dereference

Advisory ID: HTB23129 Product: FireFly Mediaserver Vendor: FireFly Vulnerable Versions: 1.0.0.1359 and probably prior Tested Version: 1.0.0.1359 in Windows 7 SP1 Vendor Notification: November 21, 2012 Public Disclosure: December 19, 2012 Vulnerability Type: NULL Pointer Dereference CWE-476 CVE...

CVSS 5 | AI score 6.4 | EPSS 0.10814
Exploits 6
OpenVAS
added 2012/12/20 12:0 a.m. | 24 views

Firefly MediaServer HTTP Header Multiple DoS Vulnerabilities

This host is running Firefly MediaServer and is prone to multiple denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: gbfireflymediaservermultdosvuln.nasl 5841 2017-04-03 12:46:41Z cfi $ Firefly MediaServer HTTP Header Multiple DoS Vulnerabilities Authors: Rachana Shetty Copyright:...

CVSS 5 | AI score 0.1 | EPSS 0.10814
Exploits 6 | References 4
0day.today
added 2012/12/20 12:0 a.m. | 68 views

FireFly Mediaserver 1.0.0.1359 NULL Pointer Dereference

FireFly Mediaserver version 1.0.0.1359 suffers from a denial of service vulnerability that can be triggered by a NULL pointer dereference. Product: FireFly Mediaserver Vendor: FireFly Vulnerable Versions: 1.0.0.1359 and probably prior Tested Version: 1.0.0.1359 in Windows 7 SP1 Vendor Notificatio...

CVSS 5 | AI score 0.1 | EPSS 0.10814
Exploits 6
OpenVAS
added 2012/12/20 12:0 a.m. | 20 views

Firefly MediaServer HTTP Header Multiple DoS Vulnerabilities

Firefly MediaServer is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5 | AI score 6.4 | EPSS 0.10814
Exploits 6 | References 5
Tenable Nessus
added 2012/12/17 12:0 a.m. | 27 views

Debian DSA-2587-1 : libcgi-pm-perl - HTTP header injection

It was discovered that the CGI module for Perl does not filter LF characters in the Set-Cookie and P3P headers, potentially allowing attackers to inject HTTP headers. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

CVSS 5 | AI score 5.3 | EPSS 0.03261
Exploits 0 | References 4
Debian
added 2012/12/11 8:35 p.m. | 27 views

[SECURITY] [DSA 2587-1] libcgi-pm-perl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2587-1 [email protected] http://www.debian.org/security/ December 11, 2012 http://www.debian.org/security/faq - -------------------------------------------------------------------------...

CVSS 5 | AI score 5.8 | EPSS 0.03261
Exploits 0
CVE
added 2012/12/05 5:0 p.m. | 74 views

CVE-2011-2732

Spring Security vulnerability (CVE-2011-2732) involves CRLF injection in logout handling via the spring-security-redirect parameter, allowing header injection and HTTP response splitting. Affected versions: 2.0.0–2.0.6 and 3.0.0–3.0.5. Root cause: shared logout code reads the redirect parameter f...

CVSS 4.3 | AI score 7 | EPSS 0.04608
Exploits 1 | References 2 | Affected Software 1
Metasploit
added 2012/11/27 11:10 a.m. | 22 views

Apple QuickTime 7.7.2 MIME Type Buffer Overflow

This module exploits a buffer overflow in Apple QuickTime 7.7.2. The stack based overflow occurs when processing a malformed Content-Type header. The module has been tested successfully on Safari 5.1.7 and 5.0.7 on Windows XP SP3. This module requires Metasploit: https://metasploit.com/download...

CVSS 9.3 | EPSS 0.35078
Exploits 9
OpenVAS
added 2012/11/23 12:0 a.m. | 9 views

Ubuntu: Security Advisory (USN-1632-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score 7.5
Exploits 0 | References 3
OpenVAS
added 2012/11/23 12:0 a.m. | 8 views

Ubuntu Update for python-django USN-1632-2

Ubuntu Update for Linux kernel vulnerabilities USN-1632-2 OpenVAS Vulnerability Test $Id: gbubuntuUSN16322.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for python-django USN-1632-2 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.ne...

AI score 7.4
Exploits 0 | References 2
htbridge
added 2012/11/21 12:0 a.m. | 30 views

FireFly Media Server Multiple Remote DoS Vulnerabilities

High-Tech Bridge Security Research Lab has discovered multiple remote denial of service (DoS) vulnerabilities in FireFly Media Server, which could be exploited by a malicious person to crash a remote server. 1 Multiple NULL pointer dereference vulnerabilities in FireFly Media Server: CVE-2012-5875...

CVSS 5 | AI score 6.4 | EPSS 0.10814
Exploits 6 | Affected Software 1