20 matches found
EUVD-2001-0679
Malware in sbrugna...
EUVD-2005-1658
Malware in sbrugna...
EUVD-2007-3317
Malware in sbrugna...
EUVD-2003-0418
Malware in sbrugna...
Microsoft MSN Messenger 1-4 Malformed Invite Request Denial of Service
No description provided by source. source: http://www.securityfocus.com/bid/4827/info Microsoft's MSN Messenger is an instant messenging client for Windows based machines, based on the Passport system. A vulnerability has been reported in some versions of MSN Messenger. Under some circumstances, ...
Code injection
InterVations NaviCOPA Web Server 3.0.1.2 and earlier allows remote attackers to obtain the source code for a web page via a trailing encoded space character in a URI, as demonstrated by /index.html%20 and /index.php%20 URIs...
PT-2009-6627 · Intervations · Intervations Navicopa Web Server
Name of the Vulnerable Software and Affected Versions: InterVations NaviCOPA Web Server versions 3.0.1.2 and earlier Description: The issue allows remote attackers to obtain the source code for a web page via a trailing encoded space character in a URI. This can be demonstrated by accessing URIs...
CVE-2008-7229
GreenSQL Firewall greensql-fw before 0.9.2 allows remote attackers to bypass SQL injection protection via a crafted string, possibly involving an encoded space character %20...
CVE-2008-7229
CVE-2008-7229 affects GreenSQL Firewall (greensql-fw) prior to version 0.9.2. The vulnerability allows remote attackers to bypass the product’s SQL injection protection by sending a crafted string, potentially involving an encoded space character (%20). The underlying issue is an insufficient val...
CVE-2007-3407
Sergey Lyubka Simple HTTPD shttpd 1.38 allows remote attackers to obtain sensitive information script source code via a URL with a trailing encoded space %20...
Code injection
Sergey Lyubka Simple HTTPD shttpd 1.38 allows remote attackers to obtain sensitive information script source code via a URL with a trailing encoded space %20...
CVE-2007-3407
Sergey Lyubka Simple HTTPD shttpd 1.38 allows remote attackers to obtain sensitive information script source code via a URL with a trailing encoded space %20...
Code injection
httpsv.exe in HTTP Server 1.6.2 allows remote attackers to obtain sensitive information script source code via a URI with a trailing %20 encoded space...
CVE-2007-3327
httpsv.exe in HTTP Server 1.6.2 allows remote attackers to obtain sensitive information script source code via a URI with a trailing %20 encoded space...
Caucho Resin 3.1 - Encoded Space Request Full Path Disclosure
Caucho Resin 3.1 - Encoded Space Request Full Path Disclosure source: https://www.securityfocus.com/bid/23985/info Caucho Resin is prone to multiple information-disclosure vulnerabilities because it fails to adequately sanitize user-supplied data. Attackers can exploit these issues to access...
CVE-2005-1420
Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to determine the full pathname of the server via a request for an invalid page, as demonstrated using "%20" hex-encoded space...
CVE-2005-1420
Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to determine the full pathname of the server via a request for an invalid page, as demonstrated using "%20" hex-encoded space...
CVE-2004-2032
Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %20 hex-encoded space sequences...
Multiple Web Server Encoded Space (%20) Request ASP Source Disclosure
It appears possible to get the source code of the remote ASP scripts by appending a '%20' to the request. ASP source code usually contains sensitive information such as logins and passwords. This has been reported in Simple HTTPD shttpd, Mono XSP for ASP.NET and vWebServer. This type of request m...
CVE-2001-1248
CVE-2001-1248 affects vWebServer 1.2.0, enabling remote attackers to view arbitrary ASP scripts by requesting an ASP file that ends with a URL-encoded space (%20). The issue is classified as a information-disclosure vulnerability (CVSSv2 base score 5.0, AV:N/AC:L/Au:N/C:P/I:N/A:N); no exploit spe...