5 matches found
EUVD-2003-0965
Malware in sbrugna...
GHSA-VJV5-GP2W-65VM Encoded URIs can access WEB-INF directory in Eclipse Jetty
Description URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the vulnerability reported in CVE-2021-28164/GHSA-v7ff-8wcx-gmc5. Impact The default compliance mode allows requests with UR...
CVE-2002-2013
Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character %00 followed by the target domain...
CVE-2009-1876
Adobe ColdFusion 8.0.1 and earlier might allow attackers to obtain sensitive information via unspecified vectors, related to a "double-encoded null character vulnerability."...
CVE-2003-0975
Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal user cookies from another domain via a link with a hex-encoded null character %00 followed by the target domain...