2484 matches found
CVE-2009-0868
The CVE-2009-0868 issue affects Fujitsu Jasmine2000 Enterprise Edition (WebLink template). It is a CRLF injection vulnerability that lets remote attackers inject arbitrary HTTP headers and perform HTTP response splitting via unspecified vectors. The provided documents confirm the vulnerability an...
Cross site scripting
The CGI framework in Kaya 0.4.0 allows remote attackers to inject arbitrary HTTP headers and conduct cross-site scripting (XSS) attacks via unspecified vectors...
CVE-2008-6428
The CGI framework in Kaya 0.4.0 allows remote attackers to inject arbitrary HTTP headers and conduct cross-site scripting (XSS) attacks via unspecified vectors...
CVE-2008-6428
The vulnerability CVE-2008-6428 affects the Kaya 0.4.0 CGI framework. Reported impact: remote attackers can inject arbitrary HTTP headers and perform cross-site scripting (XSS) via unspecified vectors. No concrete exploitation details or patch information are provided in the connected documents. ...
RedHat Update for squid RHSA-2007:1130-01
Check for the Version of squid. OpenVAS Vulnerability Test: RedHat Update for squid RHSA-2007:1130-01. Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
CentOS Update for squid CESA-2008:0214 centos4 i386
Check for the Version of squid. OpenVAS Vulnerability Test: CentOS Update for squid CESA-2008:0214 centos4 i386. Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
CentOS Update for squid CESA-2008:0214 centos3 i386
Check for the Version of squid. OpenVAS Vulnerability Test: CentOS Update for squid CESA-2008:0214 centos3 i386. Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
CentOS Update for squid CESA-2008:0214 centos4 x86_64
Check for the Version of squid. OpenVAS Vulnerability Test: CentOS Update for squid CESA-2008:0214 centos4 x86_64. Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
CentOS Update for squid CESA-2007:1130-04 centos2 i386
Check for the Version of squid. OpenVAS Vulnerability Test: CentOS Update for squid CESA-2007:1130-04 centos2 i386. Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Intercepting proxy servers may incorrectly rely on HTTP headers to make connections
Overview: Proxy servers running in interception mode ("transparent" proxies) that make connection decisions based on HTTP header values may be used by an attacker to relay connections. Description: HTTP Host headers are defined in RFC 2616 and are often used by web servers to allow multiple websit...
Crlf injection
CRLF injection vulnerability in SocialEngine (SE) 2.7 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the PHPSESSID cookie...
CVE-2008-6121
CRLF injection vulnerability in SocialEngine (SE) 2.7 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the PHPSESSID cookie...
CVE-2008-6121
CVE-2008-6121 describes a CRLF injection vulnerability in SocialEngine versions 2.7 and earlier. The issue allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via the PHPSESSID cookie. Affected software: SocialEngine 2.7 and earlier. Underlying cause: CRLF...
USN-717-3: Firefox vulnerabilities
Kojima Hajime discovered that Firefox did not properly handle an escaped null character. An attacker may be able to exploit this flaw to bypass script sanitization. (CVE-2008-5510) Wladimir Palant discovered that Firefox did not restrict access to cookies in HTTP response headers. If a user were...
Crlf injection
CRLF injection vulnerability in the WebContainer component in IBM WebSphere Application Server (WAS) 5.1.1.19 and earlier 5.1.x versions allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...
CVE-2008-4283
CVE-2008-4283 describes a CRLF injection vulnerability in the WebContainer component of IBM WebSphere Application Server (WAS) 5.1.1.19 and earlier 5.1.x versions. The issue allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via unspecified vectors. Accor...