193 matches found
CVE-2016-10397
In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of various URI components in the URL parser could be used by attackers to bypass hostname-specific URL checks, as demonstrated by evil.example.com:[email protected]/ and evil.example.com:[email protected]/ inputs to the parseurl...
CVE-2016-10397
In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of various URI components in the URL parser could be used by attackers to bypass hostname-specific URL checks, as demonstrated by evil.example.com:[email protected]/ and evil.example.com:[email protected]/ inputs to the parseurl...
CVE-2016-2036
The getURL function in drivers/secfilter/urlparser.c in secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 Note 3 and SM-G920F build G920FXXU2COH2 Galaxy S6 devices allows attackers to trigger a NULL pointer dereference via a "GET HTTP/1.1" request, aka SVE-2016-5036...
Discourse: XSS Vulnerability on Image link parser
I found a XSS Cross-Site Scripting vulnerability, and it is present in the markdown parser when it tries to parse an image URL. To reproduce the vulnerability you need to add a fake image url like: http://host/path/to/image'onerror=alert1;//.png As you can see, we have an invalid image URL which...
php: Buffer over-read in php_url_parse_ex
The phpurlparseex function in ext/standard/url.c in PHP before 5.5.38 allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via vectors involving the smartstr data type...
Gadu-Gadu 6.0 URL Parser Javascript XSS
No description provided by source. source: http://www.securityfocus.com/bid/11998/info Multiple remote vulnerabilities reportedly affect Gadu-Gadu instant messenger. It supports the DCC Direct Client Connection protocol, facilitating the transfer of files and messages between users. The input...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the paste.httpexceptions implementation in Paste before 1.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving a 404 status code, related to 1 paste.urlparser.StaticURLParser, 2...
Fedora 11 : python-paste-1.7.4-1.fc11 (2010-10400)
1.7.4 The only real change is to paste.httpexceptions, which was using insecure quoting of some parameters and allowed an XSS hole, most specifically with its 404 messages. The most notably WSGI application using this is paste.urlparse.StaticURLParser and PkgResourcesParser. By directing someone ...
Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-125-1)
Marco Alvarez found a Denial of Service vulnerability in the Jabber protocol handler. A remote attacker could exploit this to crash Gaim by sending specially crafted file transfers to the user. CAN-2005-0967 Stu Tomlinson discovered an insufficient bounds checking flaw in the URL parser. By sendi...
CVE-2005-4360
Summary (CVE-2005-4360, mode C) : IIS 5.1 on Windows XP Pro SP2 contains a memory/URL parsing vulnerability in the IIS WWW component. A remote attacker can trigger it by sending specially crafted URLs (notably using paths like /_vti_bin/.dll/*/~0), leading to remote code execution with SYSTEM pri...
CURL-CVE-2005-4077 URL Buffer Overflow
libcurl's URL parser function can overflow a heap based buffer in two ways, if given a too long URL. These overflows happen if you 1 - pass in a URL with no protocol like "http://" prefix, using no slash and the string is 256 bytes or longer. This leads to a single zero byte overflow of the heap...
curl -- URL buffer overflow vulnerability
A Project cURL Security Advisory reports: libcurl's URL parser function can overflow a malloced buffer in two ways, if given a too long URL. 1 - pass in a URL with no protocol like "http://" prefix, using no slash and the string is 256 bytes or longer. This leads to a single zero byte overflow of...
USN-125-1: Gaim vulnerabilities
Marco Alvarez found a Denial of Service vulnerability in the Jabber protocol handler. A remote attacker could exploit this to crash Gaim by sending specially crafted file transfers to the user. CAN-2005-0967 Stu Tomlinson discovered an insufficient bounds checking flaw in the URL parser. By sendi...