CVE-2019-7733

In Live555 0.95, there is a buffer overflow via a large integer in a Content-Length HTTP header because handleRequestBytes has an unrestricted memmove...

CVE-2019-7733

Removed by vendor...

CVE-2016-1901

Integer overflow in the authenticatepost function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow...

Apache Tomcat Multiple Vulnerabilities (Nov 2014)

Apache Tomcat is prone to multiple vulnerabilities. Copyright C 2014 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2011-2593

Integer overflow in the StartEpa method in the nsepacom ActiveX control nsepa.exe in Citrix Access Gateway Enterprise Edition Plug-in for Windows 9.x before 9.3-57.5 and 10.0 before 10.0-69.4 allows remote attackers to execute arbitrary code via a crafted Content-Length HTTP header, which trigger...

tomcat -- multiple vulnerabilities

Tomcat Security Team reports: Tomcat does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference,...

Integer overflow

Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before 8.0.3 HP1 and 2012 before SP1 might allow remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow, as demonstrated by a...

Integer overflow

Integer overflow in httpAdapter.c in httpAdapter in SBLIM SFCB 1.3.4 through 1.3.7, when the configuration sets httpMaxContentLength to a zero value, allows remote attackers to cause a denial of service heap memory corruption or possibly execute arbitrary code via a large integer in the...

Integer overflow

Multiple heap-based buffer underflows in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x through 4.10.4 and 5.x before 5.4.2 allow remote attackers to execute arbitrary code via 1 a crafted Content-Length HTTP header or 2 a large HTTP request, related to an integer overflow tha...

Heap overflow

Heap-based buffer underflow in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to have an unknown impact via a negative value in the Content-Length HTTP header...

CVE-2009-0840

CVE-2009-0840 affects MapServer’s mapserv CGI: a heap-based buffer overflow can be triggered by a crafted Content-Length header, enabling remote code execution. Impacted are MapServer 4.x up to 4.10.4 and 5.x up to 5.2.2. Debian/OSS advisories note an incomplete fix also affecting CVE-2009-2281 a...

Hardcoded credentials

The SSL web administration service in NetWin SmsGate 1.1n and earlier allows remote attackers to cause a denial of service hang via 1 a large integer in the Content-Length HTTP header; 2 an invalid value in the Content-Length HTTP header, as demonstrated by a negative integer; or 3 a missing...

Null pointer dereference

The administration web interface in NetWin SurgeFTP 2.3a2 and earlier allows remote attackers to cause a denial of service daemon crash via a large integer in the Content-Length HTTP header, which triggers a NULL pointer dereference when memory allocation fails...

CVE-2008-1052

The administration web interface in NetWin SurgeFTP 2.3a2 and earlier allows remote attackers to cause a denial of service daemon crash via a large integer in the Content-Length HTTP header, which triggers a NULL pointer dereference when memory allocation fails...

Stack overflow

Stack-based buffer overflow in the connectHandle function in server.cpp in WebMod 0.48 allows remote attackers to execute arbitrary code via a long string in the Content-Length HTTP header...

CVE-2007-1260

Stack-based buffer overflow in the connectHandle function in server.cpp in WebMod 0.48 allows remote attackers to execute arbitrary code via a long string in the Content-Length HTTP header...