2820 matches found
DEBIAN-CVE-2005-0508
Unknown vulnerability in Squiggle for Batik before 1.5.1 allows attackers to bypass certain access controls via certain features of the Rhino scripting engine due to a "script security issue."...
CVE-2005-0508
Unknown vulnerability in Squiggle for Batik before 1.5.1 allows attackers to bypass certain access controls via certain features of the Rhino scripting engine due to a "script security issue."...
CVE-2005-0508
Unknown vulnerability in Squiggle for Batik before 1.5.1 allows attackers to bypass certain access controls via certain features of the Rhino scripting engine due to a "script security issue."...
CVE-2005-0508
Unknown vulnerability in Squiggle for Batik before 1.5.1 allows attackers to bypass certain access controls via certain features of the Rhino scripting engine due to a "script security issue."...
CVE-2005-0508
CVE-2005-0508 affects Batik’s Squiggle component prior to Batik 1.5.1. The vulnerability allows bypassing certain access controls via features of the Rhino JavaScript engine due to a script security issue. Root cause is tied to Rhino scripting security in Squiggle. Affected software is Batik (Squ...
[SA14336] Batik Squiggle Browser Unspecified Security Bypass
TITLE: Batik Squiggle Browser Unspecified Security Bypass SECUNIA ADVISORY ID: SA14336 VERIFY ADVISORY: http://secunia.com/advisories/14336/ CRITICAL: Moderately critical IMPACT: Security Bypass WHERE: From remote SOFTWARE: Batik 1.x http://secunia.com/product/4685/ DESCRIPTION: A vulnerability h...
CVE-2003-0764
Escapade Scripting Engine ESP allows remote attackers to obtain sensitive path information via a malformed request, which leaks the information in an error message, as demonstrated using the PAGE parameter...
CVE-2003-0763
Cross-site scripting XSS vulnerability in Escapade Scripting Engine ESP allows remote attackers to inject arbitrary script via the method parameter, as demonstrated using the PAGE parameter...
CVE-2003-0763
Cross-site scripting XSS vulnerability in Escapade Scripting Engine ESP allows remote attackers to inject arbitrary script via the method parameter, as demonstrated using the PAGE parameter...
CVE-2003-0764
The CVE-2003-0764 entry concerns the Escapade Scripting Engine (ESP). Affected: ESP; Issue: remote attackers can obtain sensitive path information through a malformed request that causes the server to leak the path in an error message, demonstrated via the PAGE parameter. Impact: partial disclosu...
CVE-2003-0763
CVE-2003-0763 describes a Cross-site scripting (XSS) vulnerability in the Escapade Scripting Engine (ESP). The issue arises from unsanitized input in the method parameter (demonstrated via the PAGE parameter), enabling remote attackers to inject arbitrary script. Documents indicate the affected c...
CVE-2003-0764
Escapade Scripting Engine ESP allows remote attackers to obtain sensitive path information via a malformed request, which leaks the information in an error message, as demonstrated using the PAGE parameter...
Escapade Scripting Engine XSS Vulnerability and Path Disclosure
Escapade Scripting Engine XSS Vulnerability and Path Disclosure Published: 9 September 2003 Released: 9 September 2003 Affected Systems: Escapade Scripting Engine Vendor: http://www.escapade.org , http://www.squishedmosquito.com Issue: Remote attackers can inject XSS script and know the path of t...
Escapade 0.2.1 Beta Scripting Engine - PAGE Full Path Disclosure
Escapade 0.2.1 Beta Scripting Engine - PAGE Full Path Disclosure source: https://www.securityfocus.com/bid/8574/info Escapade is prone to a path disclosure vulnerability. It is possible to gain access to sensitive path information by issuing a request for an invalid resource, passed as a value fo...
CVE-1999-1093
The CVE-1999-1093 entry describes a buffer overflow in the Window.External function of the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier . The flaw allows remote attackers to execute arbitrary commands via a malicious web page . Connected sources confirm the affected componen...
[AP] awhttpd v2.2 local DoS
-- ------------------------- -- - AngryPacket Security Advisory - -- ------------------------- -- - +--------------------- -- - + advisory information +------------------ -- - author: methodic [email protected] release date: 01/03/2002 homepage: http://sec.angrypacket.com...
[AP] awhttpd v2.2 local DoS
-- ------------------------- -- - AngryPacket Security Advisory - -- ------------------------- -- - +--------------------- -- - + advisory information +------------------ -- - author: methodic [email protected] release date: 01/03/2002 homepage: http://sec.angrypacket.com...
Microsoft IIS 5.0 - Translate: f Source Disclosure (2)
Microsoft IIS 5.0 - Translate: f Source Disclosure 2 source: https://www.securityfocus.com/bid/1578/info Microsoft IIS 5.0 has a dedicated scripting engine for advanced file types such as ASP, ASA, HTR, etc. files. The scripting engines handle requests for these file types, processes them...
Microsoft IIS 5.0 - 'Translate: f' Source Disclosure (1)
source: https://www.securityfocus.com/bid/1578/info Microsoft IIS 5.0 has a dedicated scripting engine for advanced file types such as ASP, ASA, HTR, etc. files. The scripting engines handle requests for these file types, processes them accordingly, and then executes them on the server. It is...
Internet Explorer help
None None...