Lucene search
K

174 matches found

RedHat Linux
RedHat Linux
added 2010/09/10 8:34 a.m.9 views

Important: Red Hat Security Advisory: tomcat5 security update

Updated tomcat5 packages that fix three security issues are now available for Red Hat Certificate System 7.3. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, a...

6.4CVSS6AI score0.54779EPSS
Exploits2References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.3 views

Problem with referer header handling on mobile phone web browsers

Overview We have confirmed that web browser products from Openwave Systems Inc. used for the Internet connection service for mobile phones have a problem in its function of sending referer information under certain circumstances. This problem has been reported for KDDI's au mobile phones. KDDI,...

2.6CVSS6.6AI score
Exploits0References2
OSV
OSV
added 2006/07/28 12:4 a.m.11 views

CVE-2006-3918

httpprotocol.c in 1 IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and 2 Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site...

6.1AI score
Exploits0References71
OSV
OSV
added 2005/05/02 4:0 a.m.7 views

CVE-2005-0241

The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling "oversized" HTTP reply headers, which might allow remote attackers to poison the cache or bypass access controls based on header size...

6.5AI score
Exploits0References18
NVD
NVD
added 2003/12/31 5:0 a.m.16 views

CVE-2003-1561

Opera, probably before 7.50, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data...

4.3CVSS6.2AI score0.00968EPSS
Exploits0References2
NVD
NVD
added 2003/12/31 5:0 a.m.25 views

CVE-2003-1302

The IMAP functionality in PHP before 4.3.1 allows remote attackers to cause a denial of service via an e-mail message with a 1 To or 2 From header with an address that contains a large number of "" backslash characters...

5CVSS6.7AI score0.01352EPSS
Exploits1References2
NVD
NVD
added 2003/08/27 4:0 a.m.25 views

CVE-2003-0459

KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites...

5CVSS6.7AI score0.02899EPSS
Exploits0References10
securityvulns
securityvulns
added 2003/08/05 12:0 a.m.29 views

NetBSD Security Advisory 2003-010: remote panic in OSI networking code

-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2003-010 ================================= Topic: remote panic in OSI networking code Version: NetBSD-current: source prior to May 26, 2003 NetBSD 1.6.1: affected NetBSD 1.6: affected NetBSD-1.5.3: affected NetBSD-1.5.2: affected...

6.8AI score
Exploits0
OSV
OSV
added 2002/12/31 5:0 a.m.8 views

DEBIAN-CVE-2002-1765

Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service memory consumption and crash via an email with a malformed MIME header...

5CVSS6.8AI score0.01634EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2002/12/31 12:0 a.m.6 views

PT-2002-2497 · Symantec · Symantec Norton Antivirus

Name of the Vulnerable Software and Affected Versions: Symantec Norton AntiVirus NAV version 2002 Description: The issue allows remote attackers to bypass the initial virus scan and cause the software to prematurely stop scanning by using a non-RFC compliant MIME header. The vendor has disputed...

7.5CVSS7.1AI score0.02574EPSS
Exploits0References8
NVD
NVD
added 2002/05/31 4:0 a.m.15 views

CVE-2002-0285

Outlook Express 5.5 and 6.0 on Windows treats a carriage return "CR" in a message header as if it were a valid carriage return/line feed combination CR/LF, which could allow remote attackers to bypass virus protection and or other filtering mechanisms via a mail message with headers that only...

7.5CVSS6.7AI score0.12316EPSS
Exploits0References3
Apache Httpd
Apache Httpd
added 2001/10/12 12:0 a.m.61 views

Apache Httpd < 1.3.22 : split-logfile can cause arbitrary log files to be written to

A vulnerability was found in the split-logfile support program. A request with a specially crafted Host: header could allow any file with a .log extension on the system to be written to...

5CVSS1.3AI score0.11922EPSS
Exploits0Affected Software1
securityvulns
securityvulns
added 2001/03/30 12:0 a.m.80 views

Security Bulletin MS01-020

Title: Incorrect MIME Header Can Cause IE to Execute E-mail Attachment Date: 29 March 2001 Software: Microsoft Internet Explorer Impact: Run code of attacker's choice. Bulletin: MS01-020 Microsoft encourages customers to review the Security Bulletin at:...

Exploits0
NVD
NVD
added 2000/12/31 5:0 a.m.16 views

CVE-2000-1244

Computer Associates InoculateIT Agent for Exchange Server does not recognize an e-mail virus attachment if the SMTP header is missing the "From" field, which allows remote attackers to bypass virus protection...

7.5CVSS6.8AI score0.02406EPSS
Exploits1References1
Rows per page
Query Builder