CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

seebug.org•added 2014/07/01 12:0 a.m.•28 views

MS Visual Studio RAD Support Buffer Overflow Vulnerability (metasploit)

No description provided by source. source: http://www.securityfocus.com/bid/2906/info Due to an unchecked buffer in a subcomponent of FrontPage Server Extensions Visual InterDev RAD Remote Deployment Support, a specially crafted request via 'fp30reg.dll' could allow a user to execute arbitrary...

seebug.org•added 2014/07/01 12:0 a.m.•19 views

Microsoft IIS 4.0/5.0 Chunked Encoding Transfer Heap Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/4485/info A heap overflow condition in the 'chunked encoding transfer mechanism' related to Active Server Pages has been reported for Microsoft IIS Internet Information Services. This condition affects IIS 4.0 and IIS 5.0...

seebug.org•added 2014/07/01 12:0 a.m.•18 views

Microsoft IIS 4.0/5.0 Chunked Encoding Transfer Heap Overflow Vulnerability (1)

seebug.org•added 2014/07/01 12:0 a.m.•21 views

Apache 1.3.x,Tomcat 4.0.x/4.1.x Mod_JK Chunked Encoding Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6320/info Apache Webserver and Tomcat are HTTP servers maintained and distributed by the Apache project. Apache Webserver and Tomcat are available for the Unix, Linux, and Microsoft Windows platforms. It has been reported...

seebug.org•added 2014/07/01 12:0 a.m.•48 views

Apache 1.x/2.0.x Chunked-Encoding Memory Corruption Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/5033/info When processing requests coded with the 'Chunked Encoding' mechanism, Apache fails to properly calculate required buffer sizes. This is believed to be due to improper signed interpretation of an unsigned integer...

seebug.org•added 2014/07/01 12:0 a.m.•41 views

Microsoft IIS 4.0/5.0 Chunked Encoding Transfer Heap Overflow Vulnerability (4)

seebug.org•added 2014/07/01 12:0 a.m.•17 views

Microsoft IIS 4.0/5.0 Chunked Encoding Transfer Heap Overflow Vulnerability (3)

seebug.org•added 2014/07/01 12:0 a.m.•46 views

Apache 1.x/2.0.x Chunked-Encoding Memory Corruption Vulnerability (1)

seebug.org•added 2014/07/01 12:0 a.m.•13 views

PHP 5.3 'php_dechunk()' HTTP Chunked Encoding Integer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39877/info PHP is prone to a remote integer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the PHP process. Failed exploit attempts will result in a denial-of-servic...

RedHat Linux•added 2014/06/10 12:34 p.m.•3 views

tomcat: incomplete fix for CVE-2012-3544

It was discovered that the fix for CVE-2012-3544 did not properly resolve a denial of service flaw in the way Tomcat and JBoss Web processed chunk extensions and trailing headers in chunked requests. A remote attacker could use this flaw to send an excessively long request that, when processed by...

5CVSS6.8AI score0.10798EPSS

RedHat Linux•added 2014/05/21 3:45 p.m.•3 views

tomcat: multiple content-length header poisoning flaws

It was found that when Tomcat / JBoss Web processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat / JBoss Web would incorrectly handle the request. A remote...

5.8CVSS6.5AI score0.16833EPSS

securityvulns•added 2014/05/10 12:0 a.m.•38 views

Apache mod_security protection bypass

Protection bypass via chunked encoding...

5CVSS3.7AI score0.02648EPSS

Exploits2References1Affected Software1

RedHat Linux•added 2014/04/23 6:27 p.m.•3 views

tomcat: multiple content-length header poisoning flaws

5.8CVSS6.5AI score0.16833EPSS

OSV•added 2014/04/15 12:0 a.m.•0 views

UBUNTU-CVE-2013-5704

The modheaders module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."...

5CVSS6.5AI score0.60205EPSS

Exploits2References6

Debian•added 2014/04/08 6:25 p.m.•38 views

[SECURITY] [DSA 2897-1] tomcat7 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2897-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 08, 2014 http://www.debian.org/security/faq -...

7.5CVSS9.1AI score0.83175EPSS

Exploits16

OpenVAS•added 2014/04/08 12:0 a.m.•37 views

Debian Security Advisory DSA 2897-1 (tomcat7 - security update)

Multiple security issues were found in the Tomcat servlet and JSP engine: CVE-2013-2067 FORM authentication associates the most recent request requiring authentication with the current session. By repeatedly sending a request for an authenticated resource while the victim is completing the login...

7.5CVSS0.2AI score0.83175EPSS

Exploits16References1

RedHat Linux•added 2014/04/03 10:1 p.m.•3 views

tomcat: multiple content-length header poisoning flaws

5.8CVSS6.5AI score0.16833EPSS