Lucene search
K

548 matches found

Prion
Prion
added 2007/04/13 6:19 p.m.14 views

Code injection

The gnu regular expression code in file 4.20 allows context-dependent attackers to cause a denial of service CPU consumption via a crafted document with a large number of line feed characters, which is not well handled by OS/2 REXX regular expressions that use wildcards, as originally reported fo...

7.8CVSS8.8AI score0.02092EPSS
Exploits1References13Affected Software1
Cvelist
Cvelist
added 2007/04/13 6:0 p.m.32 views

CVE-2007-2026

The gnu regular expression code in file 4.20 allows context-dependent attackers to cause a denial of service CPU consumption via a crafted document with a large number of line feed characters, which is not well handled by OS/2 REXX regular expressions that use wildcards, as originally reported fo...

9AI score0.02092EPSS
Exploits1References13
RedHat Linux
RedHat Linux
added 2006/04/25 2:33 p.m.5 views

security flaw

CRLF injection vulnerability in the mbsendmail function in PHP before 5.1.0 might allow remote attackers to inject arbitrary e-mail headers via line feeds LF in the "To" address argument...

5CVSS6AI score0.03052EPSS
Exploits0References4
CVE
CVE
added 2006/02/14 7:0 p.m.81 views

CVE-2005-3058

Fortinet FortiGate/FortiOS 2.8MR10 and FortiGate v3beta expose a vulnerability where remote attackers can bypass the URL blocker by using HTTP requests terminated with a line feed (LF) instead of CRLF or by requests without a Host header. This interpretation conflict in parsing HTTP requests is t...

7.5CVSS6.6AI score0.03101EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2005/11/18 2:2 a.m.2 views

DEBIAN-CVE-2005-3348

HTTP response splitting vulnerability in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egroupware before 1.0.0.009, allows remote attackers to spoof web content and poison web caches via CRLF sequences in the charset parameter...

4.3CVSS6.9AI score0.01978EPSS
Exploits1References1
OSV
OSV
added 2003/02/19 5:0 a.m.6 views

DEBIAN-CVE-2002-1405

CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace characters...

5CVSS7.1AI score0.05039EPSS
Exploits0References1
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.32 views

iis4.0.smtp.DoS.txt

Date: Tue, 16 Feb 1999 14:03:43 -0600 From: Bug Traqqer To: [email protected] Subject: Re: IIS 4.0 SMTPSVC vs. QMAIL To all- if you find this problem happening to you there are fixes on both product sides. Qmail has provided a patch for stray line feeds. It is available through the...

7.4AI score
Exploits0
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.10 views

Laravel CRLF injection in default email rule

Summary A CRLF injection vulnerability in Laravel's email validation, in combination with how Symfony Mailer and Symfony Mime handle certain character sequences, may allow an unauthenticated attacker to interfere with outbound email processing in applications that send mail to user-supplied...

5.2AI score0.00048EPSS
Exploits0Affected Software1
Rows per page
Query Builder