EUVD-2009-2057

Malware in sbrugna...

CVE-2022-20468

In BNEPConnectResp of bnepapi.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

SUSE CVE-2009-1439

Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service crash via a long nativeFileSystem field in a Tree Connect response to an SMB mount request...

SUSE CVE-2009-2057

Microsoft Internet Explorer before 8 uses the HTTP Host header to determine the context of a document provided in a 1 4xx or 2 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL...

SUSE CVE-2009-2059

Opera, possibly before 9.25, uses the HTTP Host header to determine the context of a document provided in a 1 4xx or 2 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" atta...

SUSE CVE-2009-2063

Opera, possibly before 9.25, processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying this CONNECT response to specify a 302 redirect to an arbitrary https web site...

PT-2022-14686 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-13 Description: The issue is related to a possible out of bounds read in the BNEP ConnectResp function of bnep api.cc. This could lead to local information disclosure over Bluetooth without requirin...

Microsoft Windows SMB2 Tree Connect Response Denial of Service (MS17-012: CVE-2017-0016)

A denial of service vulnerability has been reported in Microsoft Windows SMB2. The vulnerability is due to insufficient sanitization over SMB2 Tree Connect response messages...

Opera Web Script Execution Vulnerabilities - June09 (Windows)

This host has Opera browser installed and is prone to Web Script Execution vulnerabilities. OpenVAS Vulnerability Test $Id: secpodoperawebscriptexecvulnjun09win.nasl 5122 2017-01-27 12:16:00Z teissa $ Opera Web Script Execution Vulnerabilities - June09 Windows Authors: Sharath S Copyright:...

CVE-2009-2059

Opera, possibly before 9.25, uses the HTTP Host header to determine the context of a document provided in a 1 4xx or 2 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" atta...

Hardcoded credentials

Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 use the HTTP Host header to determine the context of a document provided in a non-200 CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying...