17 matches found
EUVD-2016-8021
Malware in sbrugna...
EUVD-2016-8020
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2016-7153
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote...
Linux Distros Unpatched Vulnerability : CVE-2016-7152
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote...
Security Bulletin: A vulnerability in the Firefox component of the Synthetic Playback agent affects IBM Performance Management products.
Summary Multiple browsers could allow a remote attacker to obtain sensitive information, caused by the failure to consider the role of the TCP congestion window in providing information about content length by the HTTPS protocol or by the HTTP/2 protocol. By visiting a Web site owned by a malicio...
CVE-2016-7153
The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack...
UBUNTU-CVE-2016-7152
The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack...
Design/Logic Flaw
The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack...
Design/Logic Flaw
The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack...
CVE-2016-7152
The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack...
UBUNTU-CVE-2016-7153
The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack...
CVE-2016-7152
The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack...
CVE-2016-7153
The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack...
CVE-2016-7152
The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack...
CVE-2016-7153
CVE-2016-7153 describes a vulnerability in the HTTP/2 protocol where the TCP congestion window is not considered when determining content length, potentially enabling an attacker to obtain cleartext data by leveraging a web browser configuration that sends third‑party cookies (HEIST). The connect...
CVE-2016-7153
The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack...
CVE-2016-7152
CVE-2016-7152 is described in IBM Security Bulletin as a HEIST-related vulnerability affecting the Firefox component of the IBM Synthetic Playback agent used with IBM Application Performance Management (APM) 8.1.3 and IBM Cloud Application Performance Management. The root cause is that the HTTPS ...