797 matches found
CVE-2003-1186
Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 allows remote attackers to execute arbitrary code via a long HTTP Referer header...
CVE-2003-1054
modaccessreferer 1.0.2 allows remote attackers to cause a denial of service crash via a malformed Referer header that is missing a hostname, as parsed by the apparseuricomponents function in Apache, which triggers a null dereference...
RHEL 2.1 : kdelibs (RHSA-2003:236)
This erratum provides updated KDE packages that resolve a security issue in Konquerer. KDE is a graphical desktop environment for the X Window System. Konqueror is the file manager for the K Desktop Environment. George Staikos reported that Konqueror may inadvertently send authentication...
CVE-2003-1561
Opera, probably before 7.50, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data...
Buffer overflow in SimpleWebServer
Buffer overflow on oversized URL and Referer header...
CVE-2003-1186
Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 allows remote attackers to execute arbitrary code via a long HTTP Referer header...
TelCondex SimpleWebserver 2.12.30210 build 3285 - HTTP Referer Remote Buffer Overflow
TelCondex SimpleWebserver 2.12.30210 build 3285 - HTTP Referer Remote Buffer Overflow source: https://www.securityfocus.com/bid/8925/info A vulnerability has been reported in SimpleWebServer that may allow a remote attacker to cause a denial of service condition or execute arbitrary code on...
CVE-2003-0459
KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites...
Moderate: Red Hat Security Advisory: : Updated KDE packages fix security issue
This erratum provides updated KDE packages that resolve a security issue in Konquerer. KDE is a graphical desktop environment for the X Window System. Konqueror is the file manager for the K Desktop Environment. George Staikos reported that Konqueror may inadvertently send authentication...
CVE-2003-0459
KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites...
Moderate: Red Hat Security Advisory: kdelibs security update
This erratum provides updated KDE packages that resolve a security issue in Konquerer. KDE is a graphical desktop environment for the X Window System. Konqueror is the file manager for the K Desktop Environment. George Staikos reported that Konqueror may inadvertently send authentication...
KDE Security Advisory: Konqueror Referrer Authentication Leak
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 KDE Security Advisory: Konqueror Referer Leaking Website Authentication Credentials Original Release Date: 2003-07-29 URL: http://www.kde.org/info/security/advisory-20030729-1.txt 0. References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-04...
CVE-2003-1054
modaccessreferer 1.0.2 allows remote attackers to cause a denial of service crash via a malformed Referer header that is missing a hostname, as parsed by the apparseuricomponents function in Apache, which triggers a null dereference...
mod_access_referer -- null pointer dereference vulnerability
A malformed Referer header field causes the Apache apparseuricomponents function to discard it with the result that a pointer is not initialized. The modaccessreferer module does not take this into account with the result that it may use such a pointer. The null pointer vulnerability may possibly...
CVE-2002-2246
Cross-site scripting XSS vulnerability in VisNetic Website before 3.5.15 allows remote attackers to inject arbitrary web script or HTML via the HTTP referer header HTTPREFERER to a non-existent page, which is injected into the resulting 404 error page...
VisNetic WebSite XSS vulnerability through HTTP referer header
Visnetic WebSite XSS vulnerability through HTTP Referer header --------------------------------------------------------------------------------------------- = Author: Ory Segal - Sanctum inc. http://www.sanctuminc.com/ = Release date: 09/12/2002 = Vendor: Deerfield http://www.deerfield.com The...
Deerfield VisNetic WebSite 3.5.13.1 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/6369/info A vulnerability has been discovered in VisNetic Website when generating a 404 page for a non-existent resources. The issue is due to insufficient sanitization of the HTTP 'referer' header. It is possible to cause arbitrary code to be executed...