Lucene search
K

32 matches found

Cvelist
Cvelist
added 2009/08/18 10:0 p.m.23 views

CVE-2009-1876

Adobe ColdFusion 8.0.1 and earlier might allow attackers to obtain sensitive information via unspecified vectors, related to a "double-encoded null character vulnerability."...

6.1AI score0.02805EPSS
Exploits0References2
Prion
Prion
added 2009/08/11 10:30 a.m.25 views

Cross site scripting

CA SiteMinder allows remote attackers to bypass cross-site scripting XSS protections for J2EE applications via a request containing a %00 encoded null byte...

4.3CVSS6.2AI score0.03946EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.37 views

Ubuntu Update for firefox vulnerabilities USN-490-1

Ubuntu Update for Linux kernel vulnerabilities USN-490-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4901.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for firefox vulnerabilities USN-490-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

9.3CVSS0.9AI score0.04618EPSS
Exploits6References2
Mozilla
Mozilla
added 2007/07/17 12:0 a.m.40 views

File type confusion due to %00 in name — Mozilla

Ronald van den Heetkamp reported that a filename URL containing %00 encoded null can cause Firefox to interpret the file extension differently than the underlying Windows operating system potentially leading to unsafe actions such as running a program. This is only accessible locally...

6.8CVSS2.4AI score0.01751EPSS
Exploits3References2Affected Software2
NVD
NVD
added 2006/12/31 5:0 a.m.25 views

CVE-2006-5858

Adobe ColdFusion MX 7 through 7.0.2, and JRun 4, when run on Microsoft IIS, allows remote attackers to read arbitrary files, list directories, or read source code via a double URL-encoded NULL byte in a ColdFusion filename, such as a CFM file...

5CVSS6.7AI score0.12908EPSS
Exploits0References9
NVD
NVD
added 2005/05/02 4:0 a.m.8 views

CVE-2005-1198

Directory traversal vulnerability in apexec.pl for Anaconda Foundation Directory allows remote attackers to read arbitrary files via hex-encoded null characters %00 in the middle of ".." sequences in the template parameter...

5CVSS6.8AI score0.01466EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/08/18 12:0 a.m.13 views

BEA WebLogic < 6.1 SP2 Encoded Null Byte Request JSP Source Disclosure

Binary data 1526.prm...

7.3AI score
Exploits0References1
NVD
NVD
added 2003/12/15 5:0 a.m.22 views

CVE-2003-0975

Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal user cookies from another domain via a link with a hex-encoded null character %00 followed by the target domain...

5CVSS6.1AI score0.01362EPSS
Exploits0References4
NVD
NVD
added 2002/10/04 4:0 a.m.21 views

CVE-2002-1021

BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte...

5CVSS6.5AI score0.03221EPSS
Exploits1References3
NVD
NVD
added 2002/10/04 4:0 a.m.21 views

CVE-2002-1025

JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed...

5CVSS6.8AI score0.02009EPSS
Exploits1References6
Cvelist
Cvelist
added 2002/08/31 4:0 a.m.19 views

CVE-2002-1021

BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte...

6.5AI score0.03221EPSS
Exploits1References3
CVE
CVE
added 2002/08/31 4:0 a.m.44 views

CVE-2002-1021

Summary of CVE-2002-1021 (BadBlue Hex-encoded Null Byte) The vulnerability affects the BadBlue web server and allows remote attackers to read restricted files (notably EXT.INI, the BadBlue configuration file) by sending an HTTP request containing a hex-encoded NULL byte. This constitutes an infor...

5CVSS6.6AI score0.03221EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder