179 matches found

Cvelist
added 2005/02/08 5:0 a.m., 22 views

CVE-2005-0054

Internet Explorer 5.01, 5.5, and 6 allows remote attackers to spoof a less restrictive security zone and execute arbitrary code via an HTML page containing URLs that contain hostnames that have been double hex encoded, which are decoded twice to generate a malicious hostname, aka the "URL Decodin...

7.5 AI score, 0.35144 EPSS
Exploits: 0, References: 10

CERT
added 2005/02/08 12:0 a.m., 46 views

Microsoft Internet Explorer contains URL decoding cross-domain vulnerability

Overview: A URL decoding vulnerability in Microsoft Internet Explorer may allow remote attackers to bypass zone security restrictions and execute arbitrary code on affected systems. Description: IE uses a cross-domain security model to maintain separation between browser frames from different...

5.1 CVSS, 6.5 AI score, 0.35144 EPSS
Exploits: 0, References: 4

CVE
added 2004/12/31 5:0 a.m., 194 views

CVE-2004-1315

Summary: CVE-2004-1315 affects phpBB 2.x prior to 2.0.11. The vulnerability stems from improper URL decoding of the highlight parameter in viewtopic.php, allowing a remote attacker to double-encode the highlight value so that PHP exec runs arbitrary code. Exploited in the wild by the Santy.A worm...

7.5 CVSS, 7.2 AI score, 0.85909 EPSS
Exploits: 11, References: 11, Affected Software: 1

NVD
added 2004/11/12 5:0 a.m., 10 views

CVE-2004-1315

viewtopic.php in phpBB 2.x before 2.0.11 improperly URL decodes the highlight parameter when extracting words and phrases to highlight, which allows remote attackers to execute arbitrary PHP code by double-encoding the highlight value so that special characters are inserted into the result, which...

7.5 CVSS, 7.4 AI score, 0.85909 EPSS
Exploits: 11, References: 11

Cvelist
added 2004/09/01 4:0 a.m., 11 views

CVE-2004-0189

The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass urlregex ACLs via a URL with a NULL "%00" character, which causes Squid to use only a portion of the requested URL when comparing it against the access control lists...

6.3 AI score, 0.02494 EPSS
Exploits: 1, References: 15

CVE
added 2004/09/01 4:0 a.m., 58 views

CVE-2004-0189

CVE-2004-0189 concerns a bug in the URL decoding '%xx' function in Squid 2.5.STABLE4 and earlier that can inject a NULL character into decoded URLs, causing Squid to compare only a portion of the requested URL against ACLs. This can allow bypass of url_regex-based access control lists. Public dis...

7.5 CVSS, 6.2 AI score, 0.02494 EPSS
Exploits: 1, References: 15, Affected Software: 1

Debian CVE
added 2004/09/01 4:0 a.m., 21 views

CVE-2004-0189

The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass urlregex ACLs via a URL with a NULL "%00" character, which causes Squid to use only a portion of the requested URL when comparing it against the access control lists...

7.5 CVSS, 6.3 AI score, 0.02494 EPSS
Exploits: 1

Tenable Nessus
added 2004/07/23 12:0 a.m., 15 views

Fedora Core 1 : squid-2.5.STABLE3-1.fc1 (2004-104)

Tue Mar 09 2004 Jay Fenlason 7:2.5.STABLE3-1.fc1 - Backport security fix for %00 hole. See CVE-2004-0189: The '%xx' URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass urlregex ACLs via a URL with a NULL '%00' character, which causes Squid to use only a portion...

7.5 CVSS, 5.5 AI score, 0.02494 EPSS
Exploits: 1, References: 1

Tenable Nessus
added 2004/07/06 12:0 a.m., 17 views

RHEL 2.1 / 3 : squid (RHSA-2004:133)

An updated squid package is available that fixes a security vulnerability in URL decoding and provides a new ACL type for protecting vulnerable clients. Squid is a full-featured Web proxy cache. A bug was found in the processing of %-encoded characters in a URL in versions of Squid 2.5.STABLE4 an...

7.5 CVSS, 5.4 AI score, 0.02494 EPSS
Exploits: 1, References: 5

Tenable Nessus
added 2004/07/06 12:0 a.m., 18 views

FreeBSD : squid ACL bypass due to URL decoding bug (182)

The following package needs to be updated: squid %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg705e003a7f3611d896450020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-20...

6.4 AI score, 0.02494 EPSS
Exploits: 1, References: 15

securityvulns
added 2004/05/28 12:0 a.m., 28 views

HP OpenView Select Access protection bypass

Invalid URL esc-symbols decoding allows user to access protected directory...

3.4 AI score
Exploits: 0, References: 1, Affected Software: 1

RedHat Linux
added 2004/03/29 7:10 a.m., 5 views

Low: Red Hat Security Advisory: : Updated squid package fixes security vulnerability

An updated squid package is available that fixes a security vulnerability in URL decoding and provides a new ACL type for protecting vulnerable clients. Squid is a full-featured Web proxy cache. A bug was found in the processing of %-encoded characters in a URL in versions of Squid 2.5.STABLE4 an...

7.5 CVSS, 5.7 AI score, 0.02494 EPSS
Exploits: 1, References: 2

NVD
added 2004/03/15 5:0 a.m., 13 views

CVE-2004-0189

The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass urlregex ACLs via a URL with a NULL "%00" character, which causes Squid to use only a portion of the requested URL when comparing it against the access control lists...

7.5 CVSS, 6.4 AI score, 0.02494 EPSS
Exploits: 1, References: 15

OSV
added 2004/03/15 5:0 a.m., 3 views

CVE-2004-0189

The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass urlregex ACLs via a URL with a NULL "%00" character, which causes Squid to use only a portion of the requested URL when comparing it against the access control lists...

6.4 AI score
Exploits: 0, References: 19

FreeBSD
added 2004/02/29 12:0 a.m., 21 views

squid ACL bypass due to URL decoding bug

From the Squid advisory: Squid versions 2.5.STABLE4 and earlier contain a bug in the "%xx" URL decoding function. It may insert a NUL character into decoded URLs, which may allow users to bypass urlregex ACLs...

7.5 CVSS, 6.3 AI score, 0.02494 EPSS
Exploits: 1, References: 1

securityvulns
added 2002/09/04 12:0 a.m., 32 views

MSIEv6 % encoding causes a problem again

it's about cross-site scripting at MSIEv6 client side using encoding, but not the same as the one by PeaceFire.org which doesn't work on my PC. testedMSIEv6CN version IEXPLORE.EXE file version: 6.0.2600.0000 MSHTML.DLL file version: 6.00.2600.0000 demo at...

0.8 AI score
Exploits: 0

CERT
added 2002/01/09 12:0 a.m., 34 views

Oracle9i Application Server Apache PL/SQL module does not properly decode URL

Overview: A vulnerability exists in the Apache Procedural Language/Structured Query Language (PL/SQL) module used by Oracle9i Application Server (iAS) in which the module does not properly decode double URL encoded strings. This vulnerability could allow an intruder to read files outside the web...

5 CVSS, 9.1 AI score, 0.06551 EPSS
Exploits: 0, References: 9

securityvulns
added 2001/08/03 12:0 a.m., 26 views

Roxen security alert: URL decoding vulnerable

Roxen Webserver 2.0 up to version 2.0.92 and 2.1 up to version 2.1.264 has a vulnerability that allows any user to retrieve any file from the host with the privileges of the web server. Having the CGI-module enabled escalates the problem by making it possible to run any executable. Description: In...

0.3 AI score
Exploits: 0

NVD
added 2001/08/02 4:0 a.m., 9 views

CVE-2001-1118

A module in Roxen 2.0 before 2.0.92, and 2.1 before 2.1.264, does not properly decode UTF-8, Mac and ISO-2202 encoded URLs, which could allow a remote attacker to execute arbitrary commands or view arbitrary files via an encoded URL...

7.5 CVSS, 7.5 AI score, 0.01513 EPSS
Exploits: 0, References: 5