19 matches found
EUVD-2004-1096
Malware in sbrugna...
EUVD-2007-1819
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2016-3092
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x...
Apache Tomcat 9.0.0.M1 < 9.0.0.M8
The version of Tomcat installed on the remote host is prior to 9.0.0.M8. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat9.0.0.m8security-9 advisory. - The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before...
HTTP Response Splitting
perl is vulnerable to HTTP response splitting. The vulnerability exists as it was found that the Perl CGI module used a hard-coded value for the MIME boundary string in multipart/x-mixed-replace content. A remote attacker could possibly use this flaw to conduct an HTTP response splitting attack v...
Security Bulletin: Security Vulnerability in Apache Commons FileUpload affects IBM WebSphere Dashboard Framework (CVE-2016-3092)
Summary Apache Commons FileUpload, which is bundled with IBM WebSphere Dashboard Framework, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string. Vulnerability Details IBM WebSphere Dashboard Framework (WDF) bundles a copy of Apache Commons FileUpload, whi...
Security Bulletin: Apache Commons FileUpload Vulnerabilities in IBM WebSphere MQ File Transfer Edition (CVE-2016-3092)
Summary The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in IBM WebSphere MQ File Transfer Edition, specifically the Web Gateway component, allows remote attackers to cause a denial of service (CPU consumption) through a long boundary string. Vulnerability Details CVEID:...
AWS Lambda parser is vulnerable to Regular Expression Denial of Service
index.js in the aws-lambda-multipart-parser NPM package before 0.1.2 has a Regular Expression Denial of Service (ReDoS) issue via a crafted multipart/form-data boundary string...
GHSA-6JQP-J69Q-PM62 AWS Lambda parser is vulnerable to Regular Expression Denial of Service
index.js in the aws-lambda-multipart-parser NPM package before 0.1.2 has a Regular Expression Denial of Service (ReDoS) issue via a crafted multipart/form-data boundary string...
CVE-2018-7560
index.js in the Anton Myshenin aws-lambda-multipart-parser NPM package before 0.1.2 has a Regular Expression Denial of Service (ReDoS) issue via a crafted multipart/form-data boundary string...
CVE-2018-7560
index.js in the Anton Myshenin aws-lambda-multipart-parser NPM package before 0.1.2 has a Regular Expression Denial of Service (ReDoS) issue via a crafted multipart/form-data boundary string...
CVE-2016-3092
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string...
CVE-2016-3092
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string...
CVE-2016-3092
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string...
Fedora 14 : perl-Mail-Box-2.097-1.fc14 (2011-2541)
Update perl-Mail-Box to 2.097. No longer require spamassassin. 2.097 now randomizes boundary string to avoid undemonstrated security risks with boundary guessing. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable h...
Fedora 15 : perl-Mail-Box-2.097-1.fc15 (2011-2493)
Update perl-Mail-Box to 2.097. No longer require spamassassin. 2.097 now randomizes boundary string to avoid undemonstrated security risks with boundary guessing. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable h...
CVE-2007-1825
Buffer overflow in the imap_mail_compose function in PHP 5 before 5.2.1, and PHP 4 before 4.4.5, allows remote attackers to execute arbitrary code via a long boundary string in a type.parameters field. NOTE: as of 20070411, it appears that this issue might be subsumed by CVE-2007-0906.3...
php imap_mail_compose() buffer overflow via type.parameters
Buffer overflow in the imap_mail_compose function in PHP 5 before 5.2.1, and PHP 4 before 4.4.5, allows remote attackers to execute arbitrary code via a long boundary string in a type.parameters field. NOTE: as of 20070411, it appears that this issue might be subsumed by CVE-2007-0906.3...
CVE-2004-1098
MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header...